urlscan.io logo urlscan.io
SecurityTrails logo

www.sltrib.com Open in urlscan Pro
2a02:26f0:f7::5c7b:e150  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmUBGBCN69tG-2BtJYibjFZOU3RHMzO-2BZEaU5trHrp25Fbmtg0NLOWI3GzQV...
Effective URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Submission: On May 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 110 IPs in 10 countries across 98 domains to perform 563 HTTP transactions. The main IP is 2a02:26f0:f7::5c7b:e150, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.sltrib.com. The Cisco Umbrella rank of the primary domain is 132682.
TLS certificate: Issued by R3 on April 7th 2022. Valid for: 3 months.
This is the only time www.sltrib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.54 11377 (SENDGRID)
31 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
2 35.244.156.29 15169 (GOOGLE)
1 108.157.1.118 16509 (AMAZON-02)
2 104.89.18.74 16625 (AKAMAI-AS)
4 39 142.250.186.162 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
2 2600:9000:234... 16509 (AMAZON-02)
5 2600:9000:224... 16509 (AMAZON-02)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 5 216.58.212.134 15169 (GOOGLE)
1 199.232.188.157 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
2 35.170.106.187 14618 (AMAZON-AES)
2 18 151.101.194.137 54113 (FASTLY)
9 13.226.159.202 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.89.8.217 16625 (AKAMAI-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.244.42.67 13414 (TWITTER)
1 104.244.42.197 13414 (TWITTER)
7 2a00:1450:400... 15169 (GOOGLE)
5 10 66.155.71.25 13768 (COGECO-PEER1)
1 1 216.152.140.212 13768 (COGECO-PEER1)
1 66.155.71.189 13768 (COGECO-PEER1)
2 35.201.103.212 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 70.42.32.223 13789 (INTERNAP-...)
1 35 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 10 2a00:1450:401... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 2606:4700::68... 13335 (CLOUDFLAR...)
3 108.138.7.103 16509 (AMAZON-02)
2 69.16.220.201 32244 (LIQUIDWEB)
2 54.187.119.242 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 18.66.248.40 16509 (AMAZON-02)
12 108.157.4.62 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
1 54.148.50.223 16509 (AMAZON-02)
9 104.92.100.125 16625 (AKAMAI-AS)
8 151.101.129.194 54113 (FASTLY)
9 151.101.130.137 54113 (FASTLY)
12 18.190.49.176 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 178.162.133.150 60781 (LEASEWEB-...)
8 51.89.9.252 16276 (OVH)
8 216.52.2.30 29791 (VOXEL-DOT...)
4 145.40.89.200 54825 (PACKET)
4 204.237.133.116 3257 (GTT-BACKB...)
1 16 185.33.221.14 29990 (ASN-APPNEX)
8 35.244.159.8 15169 (GOOGLE)
4 2602:803:c004... 26667 (RUBICONPR...)
4 23.32.59.34 16625 (AKAMAI-AS)
4 8 2a02:2638::1c 44788 (ASN-CRITE...)
8 178.250.2.146 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
19 2a00:1450:400... 15169 (GOOGLE)
1 148.251.45.252 24940 (HETZNER-AS)
1 151.101.1.108 54113 (FASTLY)
3 185.33.220.240 29990 (ASN-APPNEX)
1 18.195.92.214 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 6 176.9.26.250 24940 (HETZNER-AS)
5 151.101.193.108 54113 (FASTLY)
2 54.36.108.3 16276 (OVH)
4 141.95.98.68 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
9 15.197.193.217 16509 (AMAZON-02)
1 2 104.111.239.217 16625 (AKAMAI-AS)
1 185.85.15.31 200107 (KL-EXT)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 35.167.84.186 16509 (AMAZON-02)
8 23.205.235.133 16625 (AKAMAI-AS)
4 29 104.89.29.100 16625 (AKAMAI-AS)
4 185.64.190.78 62713 (AS-PUBMATIC)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
6 9 142.250.185.226 15169 (GOOGLE)
2 4 69.173.144.138 26667 (RUBICONPR...)
2 3 52.94.220.185 16509 (AMAZON-02)
4 7 209.54.180.144 16509 (AMAZON-02)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 4 185.33.220.145 29990 (ASN-APPNEX)
2 2 185.183.112.148 60350 (VP)
1 2.18.234.233 16625 (AKAMAI-AS)
1 192.132.33.46 18568 (BIDTELLECT)
1 141.226.228.48 200478 (TABOOLA-AS)
4 4 135.125.160.160 16276 (OVH)
1 1 54.171.137.8 16509 (AMAZON-02)
4 4 185.29.134.244 30419 (MEDIAMATH...)
3 3 2001:678:cb4:... 56396 (AMOBEE)
1 52.49.145.37 16509 (AMAZON-02)
1 1 52.200.210.223 14618 (AMAZON-AES)
1 1 3.88.247.6 14618 (AMAZON-AES)
3 4 37.157.3.30 198622 (ADFORM)
13 104.36.113.107 ()
2 2 213.155.156.169 1299 (TWELVE99 ...)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 104.36.115.114 62713 (AS-PUBMATIC)
1 1 15.235.15.221 16276 (OVH)
1 2 169.50.137.184 36351 (SOFTLAYER)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 104.36.113.24 ()
2 2 151.101.130.49 ()
1 162.55.120.196 ()
1 2 77.243.60.138 ()
1 2606:4700:10:... ()
1 1 18.156.0.31 ()
1 1 159.65.197.210 ()
1 2a02:fa8:8806... ()
1 1 34.102.253.54 ()
1 1 2a04:4e42:200... ()
1 151.101.193.44 ()
1 2 34.111.129.221 ()
1 66.155.71.150 ()
1 54.229.167.98 ()
563 110
1    167.89.123.54 (Chicago, United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net
click.oi.com.br
31    2a02:26f0:f7::5c7b:e150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.sltrib.com
2    35.244.156.29 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 29.156.244.35.bc.googleusercontent.com
sltrib.coral.coralproject.net
1    108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net
js.adsrvr.org
2    104.89.18.74 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-18-74.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
39    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
2    2600:9000:223c:8800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    2600:9000:234e:6c00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
5    2600:9000:224a:c800:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
3    2606:4700:20::ac43:497c (United States)

ASN13335 (CLOUDFLARENET, US)
www.queryly.com
1    2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
4    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2606:4700:3032::ac43:cb69 (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
5    216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net
8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
1    199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
2    35.170.106.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-106-187.compute-1.amazonaws.com
ping.chartbeat.net
18    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
img.connatix.com
9    13.226.159.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-202.dus51.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:3030::6815:5476 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    104.89.8.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-8-217.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
3    2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
7    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-a.basis.net
pixel.sitescout.com
1    216.152.140.212 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
clickserv.basis.net
1    66.155.71.189 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
clickserv.sitescout.com
2    35.201.103.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.103.201.35.bc.googleusercontent.com
expansioneggnog.com
1    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
1    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
log.outbrainimg.com
35    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    2600:9000:224a:2600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
2    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    2a00:1450:4014:80f::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
11    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    108.138.7.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-103.fra56.r.cloudfront.net
js.stripe.com
2    69.16.220.201 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host3.utahdigitalservices.com
local.sltrib.com
2    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
5    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7715dbe6c408e34029715297bac003c8.safeframe.googlesyndication.com
f42ba5b851365cd3b94302d5042bf5f4.safeframe.googlesyndication.com
ab39ef3ae26ed11d28281cd0aec9818b.safeframe.googlesyndication.com
a9057ce09a310b0512d074bcdf55f261.safeframe.googlesyndication.com
037b897051a5461837b5448e268cb815.safeframe.googlesyndication.com
2    18.66.248.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-40.dus51.r.cloudfront.net
m.stripe.network
12    108.157.4.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-62.dus51.r.cloudfront.net
cdn1.opstag.com
11    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    54.148.50.223 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-50-223.us-west-2.compute.amazonaws.com
m.stripe.com
9    104.92.100.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-100-125.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
9    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
ins.connatix.com
vid.connatix.com
12    18.190.49.176 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-49-176.us-east-2.compute.amazonaws.com
capi-tier-2-us-east-2.connatix.com
8    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
8    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
8    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    204.237.133.116 (West Chester, United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
16    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
os4m-d.openx.net
u.openx.net
4    2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
8    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)
id.sltrib.com
19    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    148.251.45.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.45.251.148.clients.your-server.de
tm.ad-srv.net
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
3    185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ams1-ib.adnxs.com
1    18.195.92.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-92-214.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
5    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
ad.ad-srv.net
ad14.ad-srv.net
5    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu
cdn.contentspread.net
4    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
9    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    185.85.15.31 (Germany)

ASN200107 (KL-EXT, CH)
media.kaspersky.com
4    2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
4    35.167.84.186 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-84-186.us-west-2.compute.amazonaws.com
fid.agkn.com
8    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
29    104.89.29.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-29-100.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
9    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    2a05:d018:d29:3602:cba9:630b:f07c:688c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
4    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    185.183.112.148 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
4    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
1    54.171.137.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-137-8.eu-west-1.compute.amazonaws.com
d.adroll.com
4    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    52.49.145.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-145-37.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.200.210.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-210-223.compute-1.amazonaws.com
s.company-target.com
1    3.88.247.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-247-6.compute-1.amazonaws.com
nep.advangelists.com
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
13    104.36.113.107 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.169 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
2    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    104.36.113.24 (None, )

ASN- ()
simage4.pubmatic.com
2    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    162.55.120.196 (None, )

ASN- ()
matching.truffle.bid
2    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
1    2606:4700:10::6816:1857 (None, )

ASN- ()
mwzeom.zeotap.com
1    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
1    159.65.197.210 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    2a02:fa8:8806:16::1370 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
1    2a04:4e42:200::300 (None, )

ASN- ()
trc.taboola.com
1    151.101.193.44 (None, )

ASN- ()
match.taboola.com
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    66.155.71.150 (None, )

ASN- ()
pixel-sync.sitescout.com
1    54.229.167.98 (None, )

ASN- ()
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
56 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
8208269.fls.doubleclick.net — Cisco Umbrella Rank: 378246
8234312.fls.doubleclick.net — Cisco Umbrella Rank: 381250
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
pubads.g.doubleclick.net — Cisco Umbrella Rank: 482
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
733 KB
51 googlesyndication.com
7715dbe6c408e34029715297bac003c8.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
f42ba5b851365cd3b94302d5042bf5f4.safeframe.googlesyndication.com
ab39ef3ae26ed11d28281cd0aec9818b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
a9057ce09a310b0512d074bcdf55f261.safeframe.googlesyndication.com
037b897051a5461837b5448e268cb815.safeframe.googlesyndication.com
368 KB
39 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3462
cds.connatix.com — Cisco Umbrella Rank: 3527
capi.connatix.com — Cisco Umbrella Rank: 3859
ins.connatix.com — Cisco Umbrella Rank: 7431
capi-tier-2-us-east-2.connatix.com — Cisco Umbrella Rank: 4708
vid.connatix.com — Cisco Umbrella Rank: 4303
img.connatix.com — Cisco Umbrella Rank: 4210
2 MB
34 sltrib.com
www.sltrib.com — Cisco Umbrella Rank: 132682
local.sltrib.com — Cisco Umbrella Rank: 553109
id.sltrib.com — Cisco Umbrella Rank: 341362
1 MB
33 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 439
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446
image6.pubmatic.com — Cisco Umbrella Rank: 612
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com — Cisco Umbrella Rank: 875
simage4.pubmatic.com
aud.pubmatic.com Failed
268 KB
29 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
cdn.adnxs.com — Cisco Umbrella Rank: 1420
ams1-ib.adnxs.com — Cisco Umbrella Rank: 6477
acdn.adnxs.com — Cisco Umbrella Rank: 596
secure.adnxs.com — Cisco Umbrella Rank: 424
137 KB
25 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 477
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557
29 KB
20 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 471
eus.rubiconproject.com — Cisco Umbrella Rank: 556
token.rubiconproject.com — Cisco Umbrella Rank: 692
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
47 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 288
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1187
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
50 KB
17 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 393
mug.criteo.com — Cisco Umbrella Rank: 2669
dis.criteo.com — Cisco Umbrella Rank: 725
5 KB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 74
www.google.com — Cisco Umbrella Rank: 7
5 KB
12 opstag.com
cdn1.opstag.com — Cisco Umbrella Rank: 35773
480 KB
11 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
370 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
98 KB
10 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7118
cdn.tinypass.com — Cisco Umbrella Rank: 5123
buy.tinypass.com — Cisco Umbrella Rank: 4242
361 KB
10 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1531
match.adsrvr.org — Cisco Umbrella Rank: 338
5 KB
9 google.de
adservice.google.de — Cisco Umbrella Rank: 7678
www.google.de — Cisco Umbrella Rank: 5483
2 KB
9 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 295
imasdk.googleapis.com — Cisco Umbrella Rank: 407
2 MB
8 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 658
9 KB
8 openx.net
os4m-d.openx.net — Cisco Umbrella Rank: 31527
u.openx.net — Cisco Umbrella Rank: 756
919 B
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 615
3 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 809
5 KB
8 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1563
298 KB
7 ad-srv.net
tm.ad-srv.net — Cisco Umbrella Rank: 73296
ad.ad-srv.net — Cisco Umbrella Rank: 34807
ad14.ad-srv.net — Cisco Umbrella Rank: 214717
9 KB
7 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3501
clickserv.sitescout.com — Cisco Umbrella Rank: 22789
pixel-sync.sitescout.com
840 B
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485
ads.yahoo.com — Cisco Umbrella Rank: 1156
ups.analytics.yahoo.com
5 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1068
q.stripe.com — Cisco Umbrella Rank: 6349
m.stripe.com — Cisco Umbrella Rank: 943
85 KB
6 basis.net
pixel-a.basis.net — Cisco Umbrella Rank: 18001
clickserv.basis.net — Cisco Umbrella Rank: 64380
401 B
6 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 9246
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 344
109 KB
5 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
156 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 571
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
2 KB
4 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1221
2 KB
4 agkn.com
fid.agkn.com — Cisco Umbrella Rank: 13466
3 KB
4 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 7077
2 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 663
2 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1183
989 B
4 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1623
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
40 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
1 KB
3 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 977
trc.taboola.com
match.taboola.com
626 B
3 queryly.com
www.queryly.com — Cisco Umbrella Rank: 16722
16 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1226
mab.chartbeat.com — Cisco Umbrella Rank: 2263
24 KB
2 weborama.fr
cr.frontend.weborama.fr
460 B
2 semasio.net
uipglob.semasio.net
1 KB
2 everesttech.net
sync-tm.everesttech.net
765 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5262
637 B
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1416
614 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15147
1 KB
2 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 52708
2 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
33 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1115
18 KB
2 expansioneggnog.com
expansioneggnog.com — Cisco Umbrella Rank: 107136
27 KB
2 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4142
log.outbrainimg.com — Cisco Umbrella Rank: 2136
787 B
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1180
401 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
127 KB
2 osano.com
cmp.osano.com — Cisco Umbrella Rank: 8481
106 KB
2 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1327
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2750
70 KB
2 coralproject.net
sltrib.coral.coralproject.net — Cisco Umbrella Rank: 322443
19 KB
1 gumgum.com
rtb.gumgum.com
209 B
1 playground.xyz
ads.playground.xyz
467 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
534 B
1 zeotap.com
mwzeom.zeotap.com
455 B
1 truffle.bid
matching.truffle.bid
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 427
537 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3281
pixel-eu.onaudience.com Failed
419 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1574
501 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2270
232 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3854
399 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1559
112 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 822
380 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 675
724 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 511
709 B
1 kaspersky.com
media.kaspersky.com — Cisco Umbrella Rank: 145290
62 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 832
359 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1944
345 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 552
483 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 4233
3 KB
1 t.co
t.co — Cisco Umbrella Rank: 495
336 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 534
355 B
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 4237
3 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 638
14 KB
1 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1303
51 KB
1 oi.com.br
click.oi.com.br
267 B
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 crwdcntrl.net Failed
sync.crwdcntrl.net Failed
0 bnmla.com Failed
match.bnmla.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 tribalfusion.com Failed
s.tribalfusion.com Failed
0 audrte.com Failed
a.audrte.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 loopme.me Failed
csync.loopme.me Failed
563 98
Domain Requested by
31 securepubads.g.doubleclick.net www.sltrib.com
securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
www.googletagservices.com
31 www.sltrib.com www.sltrib.com
d3plfjw9uod7ab.cloudfront.net
27 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
tpc.googlesyndication.com
www.googletagservices.com
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.sltrib.com
16 ib.adnxs.com 1 redirects cdn1.opstag.com
acdn.adnxs.com
ssum-sec.casalemedia.com
15 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
12 capi-tier-2-us-east-2.connatix.com cd.connatix.com
12 cdn1.opstag.com securepubads.g.doubleclick.net
cdn1.opstag.com
11 www.googletagservices.com securepubads.g.doubleclick.net
www.sltrib.com
11 cdnjs.cloudflare.com buy.tinypass.com
10 www.google.com 1 redirects www.sltrib.com
tpc.googlesyndication.com
9 cm.g.doubleclick.net 6 redirects ssum-sec.casalemedia.com
9 match.adsrvr.org ads.pubmatic.com
ssum-sec.casalemedia.com
9 ads.pubmatic.com www.sltrib.com
cdn1.opstag.com
ads.pubmatic.com
9 c.amazon-adsystem.com www.sltrib.com
d3plfjw9uod7ab.cloudfront.net
8 simage2.pubmatic.com ads.pubmatic.com
8 js-sec.indexww.com cdn1.opstag.com
ssum-sec.casalemedia.com
8 eus.rubiconproject.com cdn1.opstag.com
eus.rubiconproject.com
8 mug.criteo.com www.sltrib.com
8 gum.criteo.com 4 redirects
8 ap.lijit.com cdn1.opstag.com
8 onetag-sys.com cdn1.opstag.com
8 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
8 pubads.g.doubleclick.net 4 redirects www.sltrib.com
8 confiant-integrations.global.ssl.fastly.net cdn1.opstag.com
confiant-integrations.global.ssl.fastly.net
8 buy.tinypass.com cmp.osano.com
buy.tinypass.com
cdnjs.cloudflare.com
7 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
7 img.connatix.com www.sltrib.com
7 vid.connatix.com cd.connatix.com
cds.connatix.com
7 adservice.google.de 1 redirects adservice.google.com
cmp.osano.com
securepubads.g.doubleclick.net
7 adservice.google.com 8234312.fls.doubleclick.net
8208269.fls.doubleclick.net
cmp.osano.com
securepubads.g.doubleclick.net
7 cds.connatix.com www.sltrib.com
cd.connatix.com
cmp.osano.com
6 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
6 analyticssystems.net www.sltrib.com
d3plfjw9uod7ab.cloudfront.net
5 image2.pubmatic.com ads.pubmatic.com
5 acdn.adnxs.com www.sltrib.com
cdn1.opstag.com
5 cdn.ampproject.org confiant-integrations.global.ssl.fastly.net
5 pixel.sitescout.com www.sltrib.com
8234312.fls.doubleclick.net
5 pixel-a.basis.net 5 redirects
5 d3plfjw9uod7ab.cloudfront.net www.sltrib.com
securepubads.g.doubleclick.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 gu.dyntrk.com 4 redirects
4 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
4 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 pixel.rubiconproject.com 2 redirects
4 token.rubiconproject.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 u.openx.net cdn1.opstag.com
4 fid.agkn.com cdn1.opstag.com
4 id.a-mx.com cdn1.opstag.com
4 id5-sync.com ads.pubmatic.com
4 ad.ad-srv.net 2 redirects www.sltrib.com
ad.ad-srv.net
4 htlb.casalemedia.com cdn1.opstag.com
4 fastlane.rubiconproject.com cdn1.opstag.com
4 os4m-d.openx.net cdn1.opstag.com
4 hbopenbid.pubmatic.com cdn1.opstag.com
4 prebid.a-mo.net cdn1.opstag.com
4 apex.go.sonobi.com cdn1.opstag.com
4 www.google-analytics.com www.sltrib.com
d3plfjw9uod7ab.cloudfront.net
3 ad.turn.com 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 ams1-ib.adnxs.com www.sltrib.com
cdn.adnxs.com
3 js.stripe.com buy.tinypass.com
js.stripe.com
3 8234312.fls.doubleclick.net 1 redirects www.sltrib.com
adservice.google.com
3 www.queryly.com www.sltrib.com
2 cr.frontend.weborama.fr 1 redirects
2 uipglob.semasio.net 1 redirects
2 sync-tm.everesttech.net 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync.adotmob.com 2 redirects
2 www.awin1.com 1 redirects ad.ad-srv.net
2 cdn.contentspread.net ad.ad-srv.net
2 ad14.ad-srv.net ad.ad-srv.net
2 s0.2mdn.net imasdk.googleapis.com
2 ins.connatix.com cd.connatix.com
2 capi.connatix.com cd.connatix.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com www.sltrib.com
2 local.sltrib.com buy.tinypass.com
2 www.google.de www.sltrib.com
2 stats.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
2 expansioneggnog.com cmp.osano.com
d3plfjw9uod7ab.cloudfront.net
2 cd.connatix.com 2 redirects
2 ping.chartbeat.net www.sltrib.com
2 8208269.fls.doubleclick.net 1 redirects www.sltrib.com
2 www.googletagmanager.com www.sltrib.com
cmp.osano.com
2 cmp.osano.com www.sltrib.com
cmp.osano.com
2 static.chartbeat.com www.sltrib.com
2 sltrib.coral.coralproject.net www.sltrib.com
1 rtb.gumgum.com
1 pixel-sync.sitescout.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com
1 match.adsby.bidtheatre.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 mwzeom.zeotap.com
1 matching.truffle.bid ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 nep.advangelists.com 1 redirects
1 s.company-target.com 1 redirects
1 dpm.demdex.net ssum-sec.casalemedia.com
1 d.adroll.com 1 redirects
1 sync.taboola.com ssum-sec.casalemedia.com
1 bttrack.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 ads.yahoo.com
1 px.ads.linkedin.com
1 media.kaspersky.com ad.ad-srv.net
1 api.rlcdn.com ads.pubmatic.com
1 googleads.g.doubleclick.net www.sltrib.com
1 protected-by.clarium.io www.sltrib.com
1 cdn.adnxs.com www.sltrib.com
1 tm.ad-srv.net www.sltrib.com
1 037b897051a5461837b5448e268cb815.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 a9057ce09a310b0512d074bcdf55f261.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ab39ef3ae26ed11d28281cd0aec9818b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 f42ba5b851365cd3b94302d5042bf5f4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 id.sltrib.com d3plfjw9uod7ab.cloudfront.net
1 m.stripe.com m.stripe.network
1 7715dbe6c408e34029715297bac003c8.safeframe.googlesyndication.com cmp.osano.com
1 static.adsafeprotected.com www.sltrib.com
1 log.outbrainimg.com d3plfjw9uod7ab.cloudfront.net
1 c2.piano.io d3plfjw9uod7ab.cloudfront.net
1 cdn.tinypass.com cmp.osano.com
1 clickserv.sitescout.com www.sltrib.com
1 clickserv.basis.net 1 redirects
1 t.co www.sltrib.com
1 analytics.twitter.com www.sltrib.com
1 experience.tinypass.com www.sltrib.com
1 widget-pixels.outbrain.com www.sltrib.com
1 tcheck.outbrainimg.com d3plfjw9uod7ab.cloudfront.net
1 www.npttech.com www.sltrib.com
1 mab.chartbeat.com d3plfjw9uod7ab.cloudfront.net
1 ajax.googleapis.com www.queryly.com
1 static.ads-twitter.com www.sltrib.com
1 s.go-mpulse.net www.sltrib.com
1 widgets.outbrain.com www.sltrib.com
1 js.adsrvr.org www.sltrib.com
1 click.oi.com.br 1 redirects
0 sync.ipredictive.com Failed
0 sync.crwdcntrl.net Failed
0 match.bnmla.com Failed ads.pubmatic.com
0 match.deepintent.com Failed ads.pubmatic.com
0 pixel-eu.onaudience.com Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 s.tribalfusion.com Failed ads.pubmatic.com
0 a.audrte.com Failed
0 aud.pubmatic.com Failed
0 cm.adgrx.com Failed ads.pubmatic.com
0 match.prod.bidr.io Failed ads.pubmatic.com
0 csync.loopme.me Failed ssum-sec.casalemedia.com
ads.pubmatic.com
563 160
Subject Issuer Validity Valid
sltrib.web.arc-cdn.net
R3		 2022-04-07 -
2022-07-06		 3 months crt.sh
sltrib.coral.coralproject.net
GTS CA 1D4		 2022-04-15 -
2022-07-14		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
cmp.osano.com
Amazon		 2021-09-17 -
2022-10-16		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-07 -
2023-04-07		 a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.analyticssystems.net
E1		 2022-04-05 -
2022-07-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-19 -
2022-09-18		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
expansioneggnog.com
R3		 2022-04-02 -
2022-07-01		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-19 -
2022-08-05		 4 months crt.sh
local.sltrib.com
cPanel, Inc. Certification Authority		 2022-03-10 -
2022-06-08		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2022-06-09		 3 months crt.sh
*.opstag.com
Amazon		 2021-10-30 -
2022-11-27		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-11 -
2022-08-03		 4 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.a-mo.net
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
id.sltrib.com
Cloudflare Inc ECC CA-3		 2021-08-30 -
2022-08-29		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
ad-srv.net
R3		 2022-03-29 -
2022-06-27		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2022-04-10 -
2023-04-26		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
contentspread.net
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
truffle.bid
R3		 2022-04-16 -
2022-07-15		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh

This page contains 109 frames:

Primary Page: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: 9FB5F22AB79726A7DF5988B4A2E808F6
Requests: 113 HTTP requests in this frame

Frame: https://8208269.fls.doubleclick.net/activityi;dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626
Frame ID: 6F07B3716A3E403D02C78E48BE4FF7EF
Requests: 1 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/activityi;dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626
Frame ID: FE5A87F146BBEB6C27804A6567F425A8
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/162633/connatix.player.dc.js
Frame ID: 08BFBD73A572BA3B8827BBD0FD4B70D4
Requests: 19 HTTP requests in this frame

Frame: https://cds.connatix.com/p/162633/connatix.playspace.dc.js
Frame ID: BEF563FF4E88B7D1877112401624D98B
Requests: 13 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: AAD0B40B7DFEA32B58726D060687CA9B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: 5EB543BEA73368B1E6FDF6DA38D11976
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: ED2AC847D2E6F5B5AE2A2FECF8609C58
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 0A09E7522B535792DFFDE908F93DE50B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 44C977CA02D77830C2BAEF8A055B550F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: E0DA566CA99CAFDE7A89D619B2480FF3
Requests: 1 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: 777E2B9EFE9CC6CFB85CB0FE8260134F
Requests: 2 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Frame ID: 296688F6A82688F3871186190228CC27
Requests: 20 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 3E7A663AACC1CD96BE8163522BB68DDB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Frame ID: 9B0AC55B7B6CEF37D00F9A2F9C5C8B81
Requests: 3 HTTP requests in this frame

Frame: https://7715dbe6c408e34029715297bac003c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B24225A73AE1A082E8076AF4F58FD2F1
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 01E54EC7C125D65F32FA72AFD4ECAFEB
Requests: 4 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Frame ID: 43B33521FC9F92B749E2FD204A8CD642
Requests: 10 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Frame ID: 46D297354A1CB19916300C7B9FCEAB95
Requests: 9 HTTP requests in this frame

Frame: https://cdn1.opstag.com/14129/prebid.js
Frame ID: FFC302E7AA62F6358237DCEF60DEFB9D
Requests: 27 HTTP requests in this frame

Frame: https://cdn1.opstag.com/14129/prebid.js
Frame ID: 581DC669D9CDB9DE31C601B51E16EBFB
Requests: 28 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Frame ID: 78939BF182C449CEB9140833F603FCFF
Requests: 10 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Frame ID: B642A571A48D26DF5E0D75D5BBF9B718
Requests: 9 HTTP requests in this frame

Frame: https://cdn1.opstag.com/14129/prebid.js
Frame ID: 0CFB3C8A32BA7F399EE02CF82B92BE2A
Requests: 27 HTTP requests in this frame

Frame: https://cdn1.opstag.com/14130/prebid.js
Frame ID: 613D043EDBBDC9FF700A8F51A637F449
Requests: 27 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: 8759228D6E542585AC02C765E231DB89
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: 624AC2D4656AA73E351700B25EDB2EC4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: 99E6CC2901C339FFAB7B294FEB3CF408
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 400544A7AC853E7B6FC08372C7B53FCD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 72F01044F567B36F5797780EA7A8C810
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2F89F3AE28D9AB1C8EFA447A0B7CE456
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: BBB4A6882449779202A8B0EFA37824C6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: B31B67502A6DF724F7688B3106F18825
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: C2C6165AA3C19AC86883621E27A8A449
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EE8EAC8CA4AF0F31D003BD366CA6501F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 80BA4F62DCE57224BAFA86084EC6A7CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D24FBA47ACC6D9F33C65BF26139410AC
Requests: 1 HTTP requests in this frame

Frame: https://f42ba5b851365cd3b94302d5042bf5f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 9AC92DB08229DDD6014D97945DFDDD87
Requests: 1 HTTP requests in this frame

Frame: https://ab39ef3ae26ed11d28281cd0aec9818b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 85EE6554456120F5B0A593337D130B34
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B48D0D6BAAFAC5FDCE92A3E3D7D4C21
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 013B3981315263218C7DB9165905C321
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 92A7730545A34E663B57553FD9471F90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A09B98D8BA93B88F64A8FF43E81DB1AE
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslgWqVfVuc0Ab3vnGDts8YGFsOEO0U0uC4vsKtpJHgCcriyo8qNi2zs0eV9BRlG_61A2mXmJ9TYi2S7Mw44MaLVz6V0XJi0PkZC8jXgzp-7lGhdWLQuBGqE0TyKza9gNbg-xxxRVj0mftaiHxOKmp2RE8Nyu1L4UKiaUQCALNYzc4AdoSq1k-jRx19gZChJ7nGpGr1i1Xy5Qh8FkZZfEpIKpsYF6VDkirms10ogEQEox3VLpKIhnsRqQKnh3xlwPVOxXbbpHgguWuP0uKhgDGV-hG_Fx2BLisYNNJdCbRgrW752CVcZiDk2_OhrkrL0y92KxThIQ9rc46O11ELxsgWgbvo4u9gv4kw4Sg&sig=Cg0ArKJSzHz_58ziLF8yEAE&uach_m=[UACH]&adurl=
Frame ID: 80E321033E267BFF17EF290E4D1AA445
Requests: 8 HTTP requests in this frame

Frame: https://a9057ce09a310b0512d074bcdf55f261.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 10A28E1D3E66B51EDB9E7DA21620DB75
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOmseO_RaHHfrizBKo_lhpv0lqeFqTnf9kqMj1qZ0DiwhAbDoWnx3TGu6olQOC1a6NgU9OIXQsXG_MTznr7Dp9t0BQJdVqyWYTx53MinajP-sCYL0q7nuazkfQKUpeEwrGcdGYZkV07kzU_4n9ZIhivJJKaAcJ7d90FPgPLx3lJ6calf0pUZpjkDb2N1tnnZjauP1m6RDrB4nihLghCEWzxIPGDIxo16zdU9JsB1lxQepNyZpjD4FBRR1Eqx4pdZTigZbonKA7uMcRVKAZGvimRRFCE0Golb8pcgFgEPiv1PVRMMitBkzy1mCuliEjcWHyIa3oXzDVBsDGNXP-Gk0coL0I-OA-suh8YcE&sig=Cg0ArKJSzCXPDI5misIwEAE&uach_m=[UACH]&adurl=
Frame ID: 65CE0DF5E95362BA6EE419F239C8DFC7
Requests: 7 HTTP requests in this frame

Frame: https://037b897051a5461837b5448e268cb815.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 6476FA25151415CD7DFA271451BA4045
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 23235E7A5B46722B1161CBAAD7FA0BC5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8A7BC7F5FB9768C331F07B354BA66A39
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmxVWGhWPPEGOUy4bu5VY5XOVqOs2YbNsFvGddVaw-Pouy9XFqwyDPa8Slz3Qr5BfxQz264eDL3_GmyPlqurYWqDVTOq0J7mbKHErYpNiLoOej6ihizsD2TiUKndXgIKeIqDnhTH7B3Q37KLPfh-vG9KdwC1P0340ObLvQAwDwntP7EfurXhA0qFzLg-mUVjQhzqAtc2jL_o0KVzjOE0b2ketyYmi8_eMaiiS8PNtTVnTeYiFei5MyS6lP2o4ie7yi5RpNeOfA-RZjR0krAZbs6WlH4FyhvtGVXUVLs-_5kxxdt0F6cGKvDv186K4lZHx7ZNogxqSXT0qiWreTUe-gP7KrzXBZjBgeCynfcg&sig=Cg0ArKJSzL3XLPCk_BkYEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8A6801D4A571B8430F73C0D81E185340
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F207B1915FB701FB71BACD6963E48437
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A8932607885967A85F6F56E6B63F99A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: 528B487D55EEF8BFDE05D7D17CC5B4A9
Requests: 13 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ancestorOrigins=https%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:8331&extVar[]=XR_DOM_RTB:www.sltrib.com&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FE9pyLsVVpT8C5ftR8O6aPwAAAOB6FBBAAuX7UfDumj8S2nIuxVWlP7s_2_BQlSMepmJTGPVC5UJMooNiAAAAABNhUgGLIAAASicAAAIAAAANft4Mea8lAAAAAABVU0QAVVNEANgCWgCQxwAAAAABAQUCAAAAANgAIiZETQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521pxZidwjFiI0TEI38-WYY-d6WASAAKAAxexSuR-F6pD86CUFNUzE6Mzk5OUCrLkksK01KQbfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMTozOTk5%2Fbn%3D77225%2Fclickenc%3D&uidRedirect=1
Frame ID: 7BE5017F04A5E34ED72E061D37D5FB0F
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8331&pub_id=2015670
Frame ID: BC2150BA4513134AE92808CD4C98AED3
Requests: 3 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=dd7fc35f3b4a0iKmIRNS4d7XG4e1pQA5-GW-DGNcHZoL3CxqN3kZrIzrzWysE-KKvFTiRGXUyxGx-OY3JSYmFFfipmDkDPg3FRh1BFBmtliTkP2O1N9wkNwZ0V9wg4lFAC9wA38FF_xlbbFmcL9Yi8l0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=72884500102967201467935011962014&redirectClick=https%3A%2F%2Fad14.ad-srv.net%2Fc%2Fpu9ke01iiroxio6%3Ftprde%3D&uidRedirect=1
Frame ID: 59F86A2409E62B053E72B445953B1BCC
Requests: 5 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=1&pref1=77893300102967901649445011962014
Frame ID: 0A0DF381B4155A1B2E40C8E2B40DA21B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Frame ID: EFF7A48879A975A760C384C1A02D9E83
Requests: 14 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13395636
Frame ID: 666BA5B78971341E40E1229C62603A47
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A4C0DE4350389E8AAB0210C55F62C806
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 482921DC831B4454BC26399F103AC4D1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0567C402079A77F1099B562AC58C53D2
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 313B6A454686EB152DD515813170CD7C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1652793931962
Frame ID: 95F5D013A959D9D0A02C9C3792760B8F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 83F323CC286FBE2E818F217618F81068
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13395636
Frame ID: FD83272E437CF088615F72731BDF989B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Frame ID: 38036E9CDEB4488002F9FF81B3BC1A80
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1652793931986
Frame ID: 05C4418B680EA6585D73F31EB70358F7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 63F32B820CE641BF68B90351FFBBCD34
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7B8E9E383AADE76F90EF5A53D0197DCB
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BAF1EE130992816EC6AAAD7BF9A00407
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 02B194BD3B8421439106577C359EABDA
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: A133AE58D545419851C279D2324898E6
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1652793932548
Frame ID: 87DF73029480B72AD11BEC1EED13FD25
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 9D8FCD6FF7B75AA16DE5B72B8B6482CB
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13395636
Frame ID: 9ECF99B3BF2DBE436C39BA6C120AF143
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 88FBC01AED8C15D893C7EC3F1E0E0A9A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Frame ID: 8096FEB1CEA4A2AFD7DEF7203BEEB042
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1B16411AADFEEA5ACAE25C679F158160
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 29D70B9737E3FFDFF4487C180D97E53D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 901DAA996C20AFEFD452EA0816F1213D
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1652793932543
Frame ID: FD857E82ADADCE65A6E8F5FD3C075FAE
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5390CEA89ECDC3EB2FBC188E539B08B7
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13395636
Frame ID: 4C9CE6044302A0FF2EF70C235576C774
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 14BD44961C45041B4E53F0F5768EA562
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Frame ID: E14530AFAA23DCC3B73B5DA71B0D740F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 89FA78180ED5B595D266326513D9AE7E
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B3D1825302A8F3F7DFB6E15013E25B98
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 04FD69E7F1818DFA63E1E1CB36256156
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=242421FC-1227-4223-BB5A-E49A2094C76E
Frame ID: C6C8116EEBCE43B9999A12FC8C974731
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ded86283-a250-4400-9191-a00cea6a4e74&gdpr=0&gdpr_consent=
Frame ID: 978B728DC6625207305D4C5C78A13DC1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3932179186703202776
Frame ID: EB1CB03680339A4C15713528DCE5A5E9
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9689D6646F3C3DABE307D67A9390C34F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7098695902156224653
Frame ID: F4BD81CC1AB02677B0BEC7AD6A414F4D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoOiUgACAXd_9AAo&gdpr=0&gdpr_consent=&_test=YoOiUgACAXd_9AAo
Frame ID: D07D1961DF00152E248A589FA36BADE8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JptUsi5RTYdovlr8Rw_Rgtly2hw
Frame ID: A2C548ACFF64D9003273ACEA561A04C0
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: EBB034D1F99A32AD25059C343D6724D1
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Frame ID: AC2F07E084C0BECE4619B0FAD446D7CA
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: FEE019415A594BD16DD7D741BA026F53
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 2829C7412CBBFAA6ACF09E0FCD21C339
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 09E9DD5E96F29A7841EC7443406F8D48
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: A0A1728EDDAB89A1C0C37C1753C29F1B
Requests: 1 HTTP requests in this frame

Frame: https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
Frame ID: 69C33B733A47B614AD8B78A5F29502D5
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=05d8ab0f-f35f-4109-ab26-d52632a4602e-tuct97d27d3&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: F52A562BECD8D993D81EFFF1DD2A0465
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 6919BBB4ABB29DCE8346E04D21C16752
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 0BAEA7FCA12836C3F26E6AD220DAC8E5
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 1A4D5E5CAFA833BA3D629A84A80B4B3C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:326F174BAE7742FBB30AD9523F839E8D
Frame ID: C11064784FD47ED1BA3734A75CC19790
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EhyLrzB91NQXcL5&gdpr=0&gdpr_consent=
Frame ID: D4C99517ABD48F51C22D2F426DCC0A09
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Richest Utah native vows to give away 90% of his billionsSchließen Sie diesen DialogSchließen Sie die Cookie-Einstellungen

Page URL History Show full URLs

  1. http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmUBGBCN69tG-2BtJYibjFZOU3RHMzO-2BZEaU5trH... HTTP 302
    https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

563
Requests

85 %
HTTPS

31 %
IPv6

98
Domains

160
Subdomains

110
IPs

10
Countries

8952 kB
Transfer

25444 kB
Size

92
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmUBGBCN69tG-2BtJYibjFZOU3RHMzO-2BZEaU5trHrp25Fbmtg0NLOWI3GzQVam3WdzWIhoL-2FjVpoaqKGOaLJYoxHNw-3DDBwU_oQShUvOpK23QZDHQLgmO9c0CuE5W1IImt8YOq4A9lkaqELZ8mmByIzmyT4ripWAA6ZlWYnzMz-2BArY9C1GEx44KAlyOQ9s-2FnWo0f03YRpWUBfFyCbqB-2FQ1lPq-2Fr-2FwOWVP5u5ypZC7Ftpcv-2BOf3jze2OKhIDMJdwYnAvnHo3SeQJh9XwxlwSAG5v3qNFS3Tj233mOp-2F7F3BA2IkEcRPUnBDQ-3D-3D HTTP 302
    https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626 HTTP 302
  • https://8208269.fls.doubleclick.net/activityi;dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626
Request Chain 42
  • https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626 HTTP 302
  • https://8234312.fls.doubleclick.net/activityi;dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626
Request Chain 54
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/162633/connatix.player.dc.js
Request Chain 56
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/162633/connatix.playspace.dc.js
Request Chain 69
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 70
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 71
  • https://pixel-a.basis.net/iap/dda8255d32e6482d HTTP 301
  • https://pixel.sitescout.com/iap/dda8255d32e6482d
Request Chain 72
  • https://clickserv.basis.net/conv/1ea036853c174e3a HTTP 301
  • https://clickserv.sitescout.com/conv/1ea036853c174e3a
Request Chain 86
  • https://adservice.google.de/ddm/fls/i/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/ HTTP 302
  • https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Request Chain 92
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 93
  • https://pixel-a.basis.net/iap/9f30138796dc7a6a HTTP 301
  • https://pixel.sitescout.com/iap/9f30138796dc7a6a
Request Chain 153
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
Request Chain 154
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
Request Chain 176
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
Request Chain 194
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14130-300x600-activefill-desktop-pixel&sz=1x1&t=&c=5755742761 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14130-300x600-activefill-desktop-pixel&sz=1x1&t=&c=5755742761&pre=1
Request Chain 237
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=w5G1AnxWeWpDemhiaXppQTdmaU9YVkJrQXNQb1ppQ0hpVDA4NjJGeng2SG53YkFaNTA2bDcxYXUwc0g2aXBwaHpkUVMzVUNhQnlzMnVEZ2hRaGUzSkZaNWM0UEs2Uk5qN2d2WlJMVEZyM1JhMmZmbkxxdFdkOXlQZ05xb1hwUnVUYkJYdnFic0RjV1ZNcGRtL3F6c29tTmVuaHZGbDhHV0Nqcy9EQTQ4T2U0cWtoc09wYXJRYThIaGxBYkFCWS9zL050Yko1d05JUVBxZkFCRWFHbHJ6WXFrUTIwdm9LVm1UU3RLQWdXSU9nNy83VmtrPXw&cppv=2
Request Chain 240
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pRszknw2K2dQWGZmUHFVT3c1Q2lDTDZ3Nm5wNDQ3VStjRnlSUFV4cDNxdGFTdHp5MlU5ZE16dXFVQXhSQVp4RlV1OTlZb25ndjVyLytxYW1kYVUzUGJoV3dEc2hWc0VicXN0bXBRY3lOSW15Z0pjN2tTeGZaQ1VUcmJlWS9XYnRRK21tWDF3UExyamE4d0RRUEtnNTAyY2xjRlhSY0ZOQ2pFZlk0R1hubThxVnR0aEUvbUxjNnl3TTl3MjAvNldRcER6ZjFDaU91dXpLZVhtU2pDc2YvVHlNOWdlbkgyUmZIVzk0aXdrS09kbUZaQ3ZnPXw&cppv=2
Request Chain 248
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pt2OOXx0UGF2RjJXelVuRGdvekF0SUZKQlFORmxWaWVsWllXb1lvS3Y3WEhaRkhFR1JDbHJkVEdwS20xbU9iRGxGRmFqTlF5QWhDeHc5aGJZREcrQ1o1N3ByQW5kbmVObFJEdHVhSzcrRG5OWEgzcVQvWnBTSUVQQzBtZmJtam1UcHhrMG53NUZhV1lzOWpmTWZESDhtMTlYRVdtczIrNVpHVmZLSjJTVDU5TS96SGx4RUo0MmI3ODJ4cVphWnNlbDFmeXlFVXJ0L1M4cGwxZjVEaG1ERnhta1hPM1R4d1pTdlo4RGpCUk5CMEpPMUI0PXw&cppv=2
Request Chain 250
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ycZ0U3xKRkJRY0VUN0F0K21sWjdLVUQvTlF2WWVSR05aZDZrcFlyNlpMSFBPYXpYdVFtZ1NYVVNpeHYrc2drdHVDZEU5QndRQ3hRRFptY0U3b1BjZ0tQNzZPb0VkNUovM1dPZjhuVTROY2duZGJabzZYR0o2Yjcyckp6U1hxaFkwSEE0TkM1SHJ5WkxkRUVFbVlTYTNKUmtoQ0VPTzNRNHh4VFYweC92d2lOSkJzZTdjczB2a3NmN1I0VUdYaEtLbzh4WVFaUlpjeGZxTHpKNGRrcWdXUStSTVRnZ3RpM0FBUmJrbmV4SmN6LzV6M2RzPXw&cppv=2
Request Chain 378
  • https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ancestorOrigins=https%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:8331&extVar[]=XR_DOM_RTB:www.sltrib.com&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FE9pyLsVVpT8C5ftR8O6aPwAAAOB6FBBAAuX7UfDumj8S2nIuxVWlP7s_2_BQlSMepmJTGPVC5UJMooNiAAAAABNhUgGLIAAASicAAAIAAAANft4Mea8lAAAAAABVU0QAVVNEANgCWgCQxwAAAAABAQUCAAAAANgAIiZETQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521pxZidwjFiI0TEI38-WYY-d6WASAAKAAxexSuR-F6pD86CUFNUzE6Mzk5OUCrLkksK01KQbfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMTozOTk5%2Fbn%3D77225%2Fclickenc%3D HTTP 302
  • https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ancestorOrigins=https%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:8331&extVar[]=XR_DOM_RTB:www.sltrib.com&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FE9pyLsVVpT8C5ftR8O6aPwAAAOB6FBBAAuX7UfDumj8S2nIuxVWlP7s_2_BQlSMepmJTGPVC5UJMooNiAAAAABNhUgGLIAAASicAAAIAAAANft4Mea8lAAAAAABVU0QAVVNEANgCWgCQxwAAAAABAQUCAAAAANgAIiZETQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521pxZidwjFiI0TEI38-WYY-d6WASAAKAAxexSuR-F6pD86CUFNUzE6Mzk5OUCrLkksK01KQbfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMTozOTk5%2Fbn%3D77225%2Fclickenc%3D&uidRedirect=1
Request Chain 388
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 391
  • https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=dd7fc35f3b4a0iKmIRNS4d7XG4e1pQA5-GW-DGNcHZoL3CxqN3kZrIzrzWysE-KKvFTiRGXUyxGx-OY3JSYmFFfipmDkDPg3FRh1BFBmtliTkP2O1N9wkNwZ0V9wg4lFAC9wA38FF_xlbbFmcL9Yi8l0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=72884500102967201467935011962014&redirectClick=https%3A%2F%2Fad14.ad-srv.net%2Fc%2Fpu9ke01iiroxio6%3Ftprde%3D HTTP 302
  • https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=dd7fc35f3b4a0iKmIRNS4d7XG4e1pQA5-GW-DGNcHZoL3CxqN3kZrIzrzWysE-KKvFTiRGXUyxGx-OY3JSYmFFfipmDkDPg3FRh1BFBmtliTkP2O1N9wkNwZ0V9wg4lFAC9wA38FF_xlbbFmcL9Yi8l0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=72884500102967201467935011962014&redirectClick=https%3A%2F%2Fad14.ad-srv.net%2Fc%2Fpu9ke01iiroxio6%3Ftprde%3D&uidRedirect=1
Request Chain 397
  • https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=0&pref1=77893300102967901649445011962014 HTTP 302
  • https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg
Request Chain 436
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 439
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 449
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3A6TZMV-1C-6WD6
Request Chain 451
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMSfQJikimQQ3IOJkg1gnFI&google_cver=1
Request Chain 452
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI3ZmI5ZWQ2YTFiYWRlMTQwMGYyMDEwMjgzMDMxMDZiMDM5NTJhZA
Request Chain 453
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rbUQrli5TdiOxpU8yz0hqA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rbUQrli5TdiOxpU8yz0hqA
Request Chain 454
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-8aWCOabTN-orEsSJvtRHw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-8aWCOabTN-orEsSJvtRHw
Request Chain 455
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/38LFKNys_fJwOKHtQ5ZtV8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2855090975836946221
Request Chain 456
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3A6TZMV-1C-6WD6&sigv=1&esig=2~997b1c31ba9fda59223d366ba18d50ea3781faf2
Request Chain 458
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cGwAABJ4AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cGwAABJ4AAAIB&dcc=t
Request Chain 460
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoOiTwgY4IhUp3ZYtM7cHQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAaZzwcR1f2xbKsIYnp1tts&google_cver=1&gdpr=1
Request Chain 462
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 476
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoOiTwgY4IhUp3ZYtM7cHQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAaZzwcR1f2xbKsIYnp1tts&google_cver=1&gdpr=1
Request Chain 479
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cHQAABKkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cHQAABKkAAAAB&dcc=t
Request Chain 482
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 483
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 492
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=909b6283-a250-4800-b4ca-e24421e480a9&gdpr=1&gdpr_consent=
Request Chain 493
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2714794568175277182
Request Chain 494
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 501
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ded86283-a250-4400-9191-a00cea6a4e74&gdpr=1&gdpr_consent=
Request Chain 502
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2642736974137349246
Request Chain 503
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668691536&external_user_id=ccdfc78f-9f8e-45ec-ad5f-d4dba22d150a
Request Chain 504
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3acf579c-823a-4624-9a7a-2900c4c1e276
Request Chain 505
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 508
  • https://c1.adform.net/serving/cookie/match?party=14&cid=242421FC-1227-4223-BB5A-E49A2094C76E HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=242421FC-1227-4223-BB5A-E49A2094C76E
Request Chain 509
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ded86283-a250-4400-9191-a00cea6a4e74&gdpr=0&gdpr_consent=
Request Chain 510
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3932179186703202776
Request Chain 512
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7098695902156224653
Request Chain 513
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JCQh_BInQiO7WuSaIJTHbg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 514
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ded86283-a250-4400-9191-a00cea6a4e74
Request Chain 515
  • https://pixel.onaudience.com/?partner=214&mapped=242421FC-1227-4223-BB5A-E49A2094C76E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 516
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjQyNDIxRkMtMTIyNy00MjIzLUJCNUEtRTQ5QTIwOTRDNzZF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 517
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQCM_Gdw1fdasO6QooqFlU&google_cver=1
Request Chain 519
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3491808872652517208
Request Chain 521
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4820332596612522662&gdpr=0&gdpr_consent=
Request Chain 522
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MqcjwWWnLsIpoCqUNqc2wT2lL8Qp93mRZqIsQNl4
Request Chain 532
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoOiUgACAXd_9AAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoOiUgACAXd_9AAo&gdpr=0&gdpr_consent=&_test=YoOiUgACAXd_9AAo
Request Chain 533
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JptUsi5RTYdovlr8Rw_Rgtly2hw
Request Chain 534
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFER3IwN0ZCMFVBQUVYYTFEODNiUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 538
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=242421FC-1227-4223-BB5A-E49A2094C76E&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=242421FC-1227-4223-BB5A-E49A2094C76E&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=242421FC-1227-4223-BB5A-E49A2094C76E&addseg=19,36,42
Request Chain 539
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=242421FC-1227-4223-BB5A-E49A2094C76E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=242421FC-1227-4223-BB5A-E49A2094C76E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 541
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=242421FC-1227-4223-BB5A-E49A2094C76E HTTP 302
  • https://a.audrte.com/p
Request Chain 542
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=242421FC-1227-4223-BB5A-E49A2094C76E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4PWlqLlE2uV_DNZwqE8snyx3V9OQyvw-~A&gdpr=0&gdpr_consent=
Request Chain 543
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9c542e50-cc8c-4e86-b189-fef6e9c77045&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_a89608d9-8e92-4330-a503-d3a57d288dd2&bsw_param=9c542e50-cc8c-4e86-b189-fef6e9c77045&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9c542e50-cc8c-4e86-b189-fef6e9c77045&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 544
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9c539778-51cf-4572-837f-0e035d02b3b2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 545
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2714794568175277182&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 547
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4820332596612522662
Request Chain 550
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 552
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
Request Chain 553
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=05d8ab0f-f35f-4109-ab26-d52632a4602e-tuct97d27d3&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 554
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1652793939136 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 557
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:326F174BAE7742FBB30AD9523F839E8D
Request Chain 558
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EhyLrzB91NQXcL5&gdpr=0&gdpr_consent=
Request Chain 559
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2080433080
Request Chain 560
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=242421FC-1227-4223-BB5A-E49A2094C76E&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=242421FC-1227-4223-BB5A-E49A2094C76E&gdpr=0&gdpr_consent=&ct=y

563 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Redirect Chain
  • http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmUBGBCN69tG-2BtJYibjFZOU3RHMzO-2BZEaU5trHrp25Fbmtg0NLOWI3GzQVam3WdzWIhoL-2FjVpoaqKGOaLJYoxHNw-3DDBwU_oQShUvOpK23QZDHQLgmO9c0CuE5W1IImt8YOq4...
  • https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
362 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a61b552bd8a8bd0749d32d0ba19a1bef2912f806829da532650edf33bb0ae2ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

arc-country
DE
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 13:25:26 GMT
etag
W/"59495-1d4kfAC4lCSJ1mh6F3ckxJ7ixYg"
expires
Tue, 17 May 2022 13:26:26 GMT
last-modified
Tue, 17 May 2022 13:24:08 GMT
link
<https://widgets.outbrain.com>;rel="preconnect",<https://widget-pixels.outbrain.com>;rel="preconnect",<https://cd.connatix.com>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect",<https://cds.connatix.com>;rel="preconnect",<https://imasdk.googleapis.com>;rel="preconnect" <https://sltrib.coral.coralproject.net>;rel="preconnect",<https://js.adsrvr.org>;rel="preconnect",<https://www.queryly.com>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://cmp.osano.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://securepubads.g.doubleclick.net>;rel="preconnect",<https://d3plfjw9uod7ab.cloudfront.net>;rel="preconnect"
server
openresty
server-timing
cdn-cache; desc=REVALIDATE edge; dur=1 origin; dur=574
strict-transport-security
max-age=86400
vary
Accept-Encoding
x-akamai-transformed
9 74597 0 pmb=mRUM,2

Redirect headers

Connection
keep-alive
Content-Length
87
Content-Type
text/html; charset=utf-8
Date
Tue, 17 May 2022 13:25:26 GMT
Location
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Server
nginx
X-Robots-Tag
noindex, nofollow
main.css
www.sltrib.com/pf/resources/css/ 		113 B
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/css/main.css?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:26 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJVCHBA6JM9V26YP
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=4
content-length
88
x-amz-id-2
fP9taQmXLrX9RdVQ3BOqXI8Q02wr8eBnwXpXOe9YB2mLsZTBkKHFto0Dnz7OghhN0o748VX8jeM=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"c07ed12e990cf688bbb98cbc27f198a8"
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:26 GMT
carousel.css
www.sltrib.com/pf/resources/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/css/carousel.css?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:26 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV4DHV4SVGE6BX7
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=19
content-length
826
x-amz-id-2
nr2fXJxn2DIm+omMOun/3SDga02Y2K5tbOqqeIAmUrWCkTQNPrwGdDY6ldYZoLMGW7m08qJTQAw=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"a967928dd3b5d82f2d2f613f61699944"
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:26 GMT
count.js
sltrib.coral.coralproject.net/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sltrib.coral.coralproject.net/assets/js/count.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
29.156.244.35.bc.googleusercontent.com
Software
/
Resource Hash
305705fc54f335a4cce39cb68ab059e7202c19f0ff03d3336ebd3e6fcdcf0518
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
age
1555
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1688
x-xss-protection
1; mode=block
x-trace-id
f40e53a0-d5d6-11ec-8a4d-3101f96487f0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Apr 2022 19:47:34 GMT
date
Tue, 17 May 2022 12:59:32 GMT
vary
Accept-Encoding
content-language
en-US
via
1.1 google
cache-control
public, max-age=1800, s-max-age=604800
etag
W/"698-1801a2acbf0"
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
embed.js
sltrib.coral.coralproject.net/assets/js/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sltrib.coral.coralproject.net/assets/js/embed.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
29.156.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6905d2cac6ab2800387c2ef563162c1d446749a347d51a5ee8057564c9c233bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
age
414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17051
x-xss-protection
1; mode=block
x-trace-id
8818ae10-d5d2-11ec-a1b9-537f5a41a0ce
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Apr 2022 19:51:04 GMT
date
Tue, 17 May 2022 13:18:33 GMT
vary
Accept-Encoding
content-language
en-US
via
1.1 google
cache-control
public, max-age=1800, s-max-age=604800
etag
W/"429b-1801a2e0040"
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
react.js
www.sltrib.com/pf/dist/engine/ 		278 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/engine/react.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3ca1ddf5346b4dc8822bcdad8f9ab4da178980f27825e0c7911e6c61e4aec595
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV732QXWV8MV05K
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
87467
x-amz-id-2
QnzgLo/TCrH6RsgYSMBe7u+PaskeFJ1KDUlsWlfQ9P+TBVMAycxlfgM6uV9bywbvVk8OOcjDwck=
last-modified
Tue, 10 May 2022 23:21:15 GMT
server
openresty
etag
W/"538dbfd60b4432bca912e517298a5505"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
default.js
www.sltrib.com/pf/dist/components/combinations/ 		3 MB
789 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/combinations/default.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
dbf50792c905aaa16b52235e1ee5610fe1cde3d815f48713f3d16d0debd52d6a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV47R7E9T24FG81
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-length
805896
x-amz-id-2
ZiVnaJi5XdXItf4S5m0+LS/oLw5+VCC2R4i5hqVqnbxqOEBCpMqroc9fqxfKIIaghduMM9/vkXw=
last-modified
Tue, 10 May 2022 23:21:15 GMT
server
openresty
etag
W/"714fbf62fe06f750c847af036a5339c3"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
default.css
www.sltrib.com/pf/dist/components/output-types/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/output-types/default.css?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
0680615b6bf188287295e621b64538d8dbabc251c085a13137915a33450f70e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:26 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV5SYXCJTNHHWV3
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
1396
x-amz-id-2
CvFkYaaJxKKhzf/XkPn7PeeUMksY/EW0hj0F1dzBxEOS+vguVBsMSDbyuGSGFwafFCCqawHLZyk=
last-modified
Tue, 10 May 2022 23:21:15 GMT
server
openresty
etag
W/"d745b567e637d37cfafb4d028be0f7fd"
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:26 GMT
default.css
www.sltrib.com/pf/dist/components/combinations/ 		204 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/combinations/default.css?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a462af891371d03cd034b9c4ce158acc3d59449b86c8b3184c391d6f152f19ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:26 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV7D0J8PSZEZRX7
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
27037
x-amz-id-2
lR5qYsbb3myNw8mHNS8neZeEoDdiIxHzlQyE/CZpIDYPqsLQOH1YT85xbL3+9K7Uz1MW3OugZpk=
last-modified
Tue, 10 May 2022 23:21:15 GMT
server
openresty
etag
W/"267911af154082bdfe4c9ff24f470d8e"
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:26 GMT
a7e1ce28-5353-4737-87a7-c7be13b28f3c.png
www.sltrib.com/resizer/A-tqhF0IJpMxJCHiHgerOt3lPN8=/60x60/s3.amazonaws.com/arc-authors/sltrib/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/A-tqhF0IJpMxJCHiHgerOt3lPN8=/60x60/s3.amazonaws.com/arc-authors/sltrib/a7e1ce28-5353-4737-87a7-c7be13b28f3c.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2241156dc13b923c1f9a14836dd14c1cd33ea355f92028b8a4e1851f4500648b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
x-check-cacheable
YES
x-serial
1294
arc-country
DE
etag
"e2c95998db39338eaff6e9b0fa3d41d5c062a3fa"
strict-transport-security
max-age=86400
content-type
image/webp
cache-control
private, max-age=30435631
last-modified
Wed, 04 May 2022 19:46:33 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT, edge; dur=8
content-length
1062
server
Akamai Image Manager
expires
Thu, 04 May 2023 19:45:58 GMT
BBUE4KUU2VG6ZPZH3DPDA5VSN4.png
www.sltrib.com/resizer/csai55lPvlu3N_6ofLQgw7tkCII=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/csai55lPvlu3N_6ofLQgw7tkCII=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/BBUE4KUU2VG6ZPZH3DPDA5VSN4.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c65114918706da0d963bfa9825759dec6f5ffee2e8a1119e1f1c34fab18bf25c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
x-check-cacheable
YES
x-serial
1699
arc-country
DE
etag
"515c2d602f078a06bab409be1bd593922bf6a39f"
strict-transport-security
max-age=86400
content-type
image/webp
cache-control
private, no-transform, max-age=31466406
last-modified
Mon, 16 May 2022 18:04:56 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT, edge; dur=8
content-length
7026
server
Akamai Image Manager
expires
Tue, 16 May 2023 18:05:33 GMT
HNXL6HVUTVHXBLLLSRUMH7Q5WA.jpg
www.sltrib.com/resizer/-C60TnefPhjiV3mQO4xJF-ZEsn8=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/-C60TnefPhjiV3mQO4xJF-ZEsn8=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/HNXL6HVUTVHXBLLLSRUMH7Q5WA.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
55783d0a97f6c534aaf39db045ce366c6d0e1f0bad65006ccd6d5affb72f2621
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
last-modified
Mon, 16 May 2022 12:01:57 GMT
server
Akamai Image Manager
arc-country
DE
etag
"3d150eca680880ba11539c1bfe6ee030966fabf7"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, no-transform, max-age=31444538
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT, edge; dur=14
content-length
4069
expires
Tue, 16 May 2023 12:01:05 GMT
VL56AQOUWRDBZEHC5ALXPX5XRM.JPG
www.sltrib.com/resizer/j6EnXR0fxgSzAa_xqD20D4R2ro8=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/j6EnXR0fxgSzAa_xqD20D4R2ro8=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/VL56AQOUWRDBZEHC5ALXPX5XRM.JPG
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f0dbf9315fbfb1c26334eb6ec61efabf74cec51df84318110f8d1c8c3ae8dc12
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
x-check-cacheable
YES
x-serial
167
arc-country
DE
etag
"5eabd4c9cc4fa60357eb2caf461429d1591b1d04"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, no-transform, max-age=31444669
last-modified
Mon, 16 May 2022 12:01:56 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3600
server
Akamai Image Manager
expires
Tue, 16 May 2023 12:03:16 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-1-118.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 05:18:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
29191
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P2
X-Amz-Cf-Id
mHVKe3zPHQmAF7kmXS73lmSkMjL_dpxCeabAsp3f9DHW7EbK9x_I9g==
ballantine.js
www.sltrib.com/pf/resources/js/ 		465 B
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ballantine.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV2GCGY9E1H0CG5
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
262
x-amz-id-2
45pkUbZqaZrHIa5cnysaRvVAHeuuke+LROSMiNQgTY/4enEvS7thavNRMuxewWEuc0dawxxdYC8=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"75f660e0bf36975883d65bcb4206e252"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
sltrib-logo.svg
www.sltrib.com/pf/resources/svg/ 		28 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/sltrib-logo.svg?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJVAZ1DGTHYS3XHS
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10808
x-amz-id-2
xvuIAVgYiHPg30BFBr7QqJWFwGgzdfuG7YxP7nsMkhaXqPSOsF1CavbXRCzqOqZatVK4ZlEFoCU=
last-modified
Tue, 10 May 2022 23:21:15 GMT
server
openresty
etag
W/"25e4e564ed5f244539f01a165c33c5aa"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
trib_masthead.svg
www.sltrib.com/pf/resources/svg/ 		34 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/trib_masthead.svg?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
d7ab0f1e31217960c7bcf0bdb822374271344c75aab4da7825505571e7e9035e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJVE4TR0R36KB407
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10113
x-amz-id-2
P5/HkotHcEHox02NdHf0sk/5s7lPqEcsnv0PP5ZmJ40cYtymLCoTWuwQJLSrAP9AUwhkpMh+toc=
last-modified
Tue, 10 May 2022 23:21:15 GMT
server
openresty
etag
W/"ac682bbc23ad2715870b9244bcf8f9d5"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
ad-video.js
www.sltrib.com/pf/resources/js/ 		736 B
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ad-video.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
5667221d6dbbbcd25aad22b734bb02b2afa806492457c6d41396b6a6d6cffd38
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
etag
W/"11f2b6956152305324e354bfd9b905bd"
x-amz-request-id
BJVCXZ9FK2CGQD9J
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
340
x-amz-id-2
xmFisPGhdrnmo+y11qh6czJj+TJ1+WNuR4yEBrfFfs18fTBlxAXvznlMfzxgVh+HfdXoOp3Wvyw=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
x-edgeconnect-cache-status
1
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
outbrain.js
widgets.outbrain.com/ 		200 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.18.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-18-74.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4a310f3bd2c5387ef4ed9954af867011cdb0766de3f92f093e5bd00884db7178

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
last-modified
Tue, 17 May 2022 07:44:57 GMT
etag
"16-4ssJ/PTdEh2EiZLJyM4KDzMTXIk"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
46539b11da3b6d97f7584ff10377f299
timing-allow-origin
*, *
content-length
70445
google-analytics.js
www.sltrib.com/pf/resources/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/google-analytics.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
72d3bb48505405120796571830ae74c4f871f03a9052d080cde2190aa926b1ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:26 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV8CG7G51YJK18J
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
931
x-amz-id-2
SDE9I1CalZuVQRTFXPe0gZY6EUEVVOpxeAmB1VrI8obdKcCTSVInvFKLiGh3wJvrl2vjADGXMgI=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"2615a770e33c9ec8523382d136d1f7e8"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:26 GMT
google-tag-manager.js
www.sltrib.com/pf/resources/js/ 		747 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:26 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV9XYMRQXT3X3SD
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
406
x-amz-id-2
66odVLSc6akcrMWAK3bs47YmqRTdvegHN2DF/BlMr7IU3kknRiCSyK5xz4goEbFbpSTFmZtk8Js=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"d2c8fb2ca910eadf27baa9157fba21a3"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
3f5fce810a506822eedbf33946b50aac5c1898f3789343a7f3ca5008270ce0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28366
x-xss-protection
0
server
sffe
etag
"1217 / 295 of 1000 / last-modified: 1652785528"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 May 2022 13:25:27 GMT
chartbeat.js
www.sltrib.com/pf/resources/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/chartbeat.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
b6322113217b4fac79ad5b27613c9c66d466e67fad90363e743c87df4843acd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:26 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV2XCHZN9XHW0RH
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=12
content-length
1314
x-amz-id-2
4Ft9Q/TigjVReu0bXPm8+fkkxKLClpkDawBjWKOk5fxDRAjYIg21vrqcmaZ0mI2ZB8ce6wLgYIQ=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"22d3c7b3a6a4b2de423042230a8a3822"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:26 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4be319fc7e78bf1beb5b73bb76e33e445bf3170ebcd66fd72639743115287a2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 12:54:17 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 00:18:19 GMT
server
nginx
age
1870
etag
W/"625616cb-595b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
eE0XqO7XRhOE7rp5S3REvVX_C2czqRdS-5nJCTsrKqlOoJmcZNgA_Q==
expires
Tue, 17 May 2022 14:54:17 GMT
apstag.js
www.sltrib.com/pf/resources/js/ 		949 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/apstag.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4f820f0ef60feea0b9127f668b9fb37ed82e6f9265859d43a826336cf428f507
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV1DDKH8QP74BDC
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
495
x-amz-id-2
E3jnn8i7E6Q/mcUs5zVLNrvEp4GcchtbG0DPBdlmFabn2wTTHtrsARSewEG5SIKrUE25zJdE2y4=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"2ee185c1ae18ff242247763a007ccf2e"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
ad-slider.js
www.sltrib.com/pf/resources/js/ 		730 B
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ad-slider.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJVFHMF255A7H7V7
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
351
x-amz-id-2
v1P05N0i3xGY8TqaZzVi56AVQ96C+9SQPONekuDvRyERckCOoc1M8IkY5h5QFyy9CGLjgmliYN4=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"c1aae5ed5833503095f1c285308e8ac3"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
ad-blocker.js
www.sltrib.com/pf/resources/js/ 		694 B
978 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ad-blocker.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV0AVWPBYEK6HYG
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
394
x-amz-id-2
OOF99sjvDkRhxNLkURlMpA46/EKgaj8Nlv6hyreMKz/EYGbVhPQTmNtnF1PTa1bJXzus+RDf+e8=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"8400f83f0cc8263a503add31576d1164"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
piano.js
www.sltrib.com/pf/resources/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/piano.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
73462f4632ef44f6cadc5e49791a1883d570ab30c4ffcec4597dd1bf97071404
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJVB3WHXN3X4Q97D
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1148
x-amz-id-2
EQF3FCADqFcg81avBs6S62YU3RIkVb/VfvvdM/lj3U82agA/V2JimduR3XZL4g4LQcdPACRGPDg=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"67a9616fd03e2308b1cfb1faf8c8dbf9"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
osano.js
cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/ 		428 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:234e:6c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d7b7759040b37582adff4067722273fe68a4a63a2a1db0fd769bb9541ceff058
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 04:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
30716
x-cache
Hit from cloudfront
content-length
106313
x-xss-protection
mode=block
last-modified
Mon, 16 May 2022 15:12:05 GMT
server
CloudFront
x-frame-options
SAMEORIGIN
etag
"02370a020d401ac27991d430ef647bbc"
strict-transport-security
max-age=2592000
content-type
application/javascript; charset=utf-8
via
1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop
OSL50-P1
x-amz-cf-id
6Hv343SiHKqIgnUclVyVgeaU2YPqLBpgu4oYG7V6yeseJ8TFeCXThw==
8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
d3plfjw9uod7ab.cloudfront.net/ 		239 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be93748736b4c2bea8dcb11c82353e1be9786869c78e4b30935f1226511a4f05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
lk1Yx7vgjpk_HunY1WRU.YcDuKm2e3wc
content-encoding
br
last-modified
Sat, 30 Apr 2022 14:32:24 GMT
server
AmazonS3
age
2774
etag
W/"8d6e17573798808529e0e29aee08e67e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
date
Tue, 17 May 2022 12:40:26 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
Be06VuTu_uXELmGbRnlL7Z0aNNztqsiap6f8dbqYg7Wc4K7bHGjhWw==
facebook.js
www.sltrib.com/pf/resources/js/ 		846 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/facebook.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:26 GMT
content-encoding
gzip
etag
W/"88ccd8266f9a877f78c9ea893d8b8afd"
x-amz-request-id
BJVD37CK06H06J57
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=16
content-length
441
x-amz-id-2
6g8ExLDaIoSfXU69XVgIsiivEmLwINhbbwMJ9nz/uZW9fIJQpaFVZD1jKXWZugS56VRT6qI0wYs=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
x-edgeconnect-cache-status
1
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:26 GMT
twitter.js
www.sltrib.com/pf/resources/js/ 		805 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/twitter.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:26 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV6JYK3H0YM2PVC
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=12
content-length
428
x-amz-id-2
xLXuxiS6dTJbhjEg+Yas5SLTwxdOp72DeLiPNX68Y6/fvWZrYyGjYt6rTgX8VScXpHGj2GzX0OU=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"5a2f1dc2518862e9d5beed543cee9f82"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:26 GMT
queryly.v4.js
www.queryly.com/js/ 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/queryly.v4.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
03f828151d98a9c79b64d4a9a3d342a08e3f12623f2c38a1fba5f8984f52d329

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44332
x-powered-by
ASP.NET
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
last-modified
Sun, 15 May 2022 05:51:58 GMT
server
cloudflare
etag
W/"0d3a5e31f68d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPuCA1%2FfTj5U8AuR8yh8cCRinaUIix2tDmkTGSVrAe4axCDyz%2FkfjV2o41IAuDBggbl02QrSCYmd%2FfCRXdKIhkiVIWub8V96B3MgpCtj5cK%2Bd1CJyQeYzEsLPX5FtrAVbjsdHCHyctlvSIqNwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
70ccaddda9a75cb0-FRA
access-control-allow-headers
*
queryly.js
www.sltrib.com/pf/resources/js/ 		137 B
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/queryly.js?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
aa21d0ddbc7cb318d1367bab72630267ec09559a269a23672cebf582d36386ca
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:26 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BJV0BQ77GDD7Y9B2
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
137
x-amz-id-2
KS68VrdyaFP9ObXyrSyRmM7Tv2ledgkI/EHUCcdqLa+Y0aEgK9V454fShETBvj0uR6Ae1vtD0XI=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"6f71954a503275c7a33c5069434fddb5"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:26 GMT
sltrib-advanced-search.js
www.queryly.com/js/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/sltrib-advanced-search.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7c207b3ed9feda70543fb75e8d0172f262a909522db37f7e3e22249a075a2760

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43969
x-powered-by
ASP.NET
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
last-modified
Wed, 05 Jan 2022 20:39:51 GMT
server
cloudflare
etag
W/"8052163742d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpOMcbloQ47IGvz0GUsHPNrCxZmBykDm%2Fom%2Bdnk%2BkFqoXKzL8iZltl%2BGehq%2B%2FZ%2Fh4ey0AuucWFf2th70Cqpe1ItLgXY5BaNTYCqg9HfsOHrvz9JxKzVXrRJtd9HaarbhvtIiHIgKWz54pygJCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
70ccaddda9a95cb0-FRA
access-control-allow-headers
*
EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
s.go-mpulse.net/boomerang/ 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
br
last-modified
Mon, 18 Apr 2022 19:29:03 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
73GNBBL2FNBC3KEQ5WXFB2LVLI.jpg
www.sltrib.com/resizer/ygJhj0EIpya2IY2URgIjKencpTg=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/ygJhj0EIpya2IY2URgIjKencpTg=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/73GNBBL2FNBC3KEQ5WXFB2LVLI.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
22be49ce866a34ae0c3242ea58bd3cedb4084867009cf100e8149d4d0d2eed4a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
x-check-cacheable
YES
x-serial
1682
arc-country
DE
etag
"6c6aa7ec1cc6157f41e8cf4d8606d57976a66c48"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, no-transform, max-age=28001586
last-modified
Wed, 06 Apr 2022 15:39:41 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=209
content-length
52785
server
Akamai Image Manager
expires
Thu, 06 Apr 2023 15:38:33 GMT
truncated
/ 		842 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/google-analytics.js?d=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3979
date
Tue, 17 May 2022 12:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 17 May 2022 14:19:08 GMT
gtm.js
www.googletagmanager.com/ 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
750671a89441f6467fe80a4e743aac5914f2b6a2c95376d4922c8fd58f4d6db5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59561
x-xss-protection
0
last-modified
Tue, 17 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 May 2022 13:25:27 GMT
chartbeat.js
static.chartbeat.com/js/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/chartbeat.js?d=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 12:20:45 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 00:08:30 GMT
server
nginx
age
3882
etag
W/"625f4efe-8bf5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
w1eeI4aPdoH5Y6YSgDkmiLZtiTnpqQiP5IVqJjoQvHYu3G8Al1yIbQ==
expires
Tue, 17 May 2022 14:20:45 GMT
8d82a4d3-a206-4e49-9c15-68d5c36aa42e
analyticssystems.net/api/v2/client/impression/ 		0
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/client/impression/8d82a4d3-a206-4e49-9c15-68d5c36aa42e?rand=988431&referer=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fCtkIMUPl0pbm0vY4US94PCDdA%2BRSOqXFB5fB668LS9RTOAOIZUsREGI0ZFmgBEeNeSWTFL%2FGnGPVAVMyZv3SAFejBrjfgeYuABs3JECvB%2F0xlz8rvqco2cR2W9ygZptvDbG1cxVMgS8a8x4WjkFdVxMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70ccaddeabbf924a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fu_nUfjPSEBFqPMCx9Jx
activityi;dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626
8208269.fls.doubleclick.net/ Frame 6F07
Redirect Chain
  • https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626?
  • https://8208269.fls.doubleclick.net/activityi;dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626?
527 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8208269.fls.doubleclick.net/activityi;dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626?
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f134.1e100.net
Software
cafe /
Resource Hash
deb3a41db86aa04ea855a26256fcf79c19829888ab9dec89f330f7f93508067d
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8208269.fls.doubleclick.net/activityi;dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626
8234312.fls.doubleclick.net/ Frame FE5A
Redirect Chain
  • https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626?
  • https://8234312.fls.doubleclick.net/activityi;dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626?
527 B
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8234312.fls.doubleclick.net/activityi;dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626?
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f134.1e100.net
Software
cafe /
Resource Hash
62146c20958fbadca7d1cd8715cc793e6f5c9eb8697dfc6deb9bdbb7032b5a5a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8234312.fls.doubleclick.net/activityi;dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
uwt.js
static.ads-twitter.com/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/twitter.js?d=283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f500e38f31cccd6e39a843d0332dd1129b1bca5aadebcd9f233063e8d3d0f482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
last-modified
Wed, 11 May 2022 18:57:33 GMT
etag
"a887c9733d6ae5f9cfe844d49227fe99+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
13673
x-served-by
cache-iad-kjyo7100079-IAD, cache-muc13937-MUC
whitecloseicon.png
www.queryly.com/images/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
130730
x-powered-by
ASP.NET
content-length
816
last-modified
Thu, 11 Jun 2020 23:20:57 GMT
server
cloudflare
etag
"d7046f64640d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0G41ZO26qnMRSv9P0m1vGlWCTTHpXk85nAJUNLkkOlBKR1i4wwId22X9l%2BG1%2FExpUrSR3IT73gjB6drCxw8pZI4jT1QAyBvRiCyd5JbzPviMs8aafRTDEvyFrBgcQuLAG5CzVCQS18cx4Hf9zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ccadde5ad75cb0-FRA
access-control-allow-headers
*
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: www.queryly.com
URL: https://www.queryly.com/js/sltrib-advanced-search.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 17:44:48 GMT
x-content-type-options
nosniff
age
157239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93868
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 17:44:48 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		197 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=sltrib.com&domain=sltrib.com&path=%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7582354aac0b69ddb4805d6c6a5aa500bd1ea1419d1e9180ff7ec248aa75a538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
155
x-served-by
cache-hhn4022-HHN
access-control-allow-origin
*
x-timer
S1652793927.479731,VS0,VE103
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 15 May 2022 13:25:27 GMT
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/webp
coral-comments
www.sltrib.com/pf/api/v3/content/fetch/ 		21 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/api/v3/content/fetch/coral-comments?query=undefined&d=283&_website=sltrib
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
server
openresty
arc-country
DE
etag
W/"15-/6VXivhc2MKdLfIkLcUE47K6aH0"
strict-transport-security
max-age=86400
content-type
text/plain; charset=utf-8
cache-control
max-age=0
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=55
content-length
21
expires
Tue, 17 May 2022 13:25:27 GMT
menu.svg
www.sltrib.com/pf/resources/svg/ 		222 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/menu.svg?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
5YBH35MBPJZ03527
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=13
content-length
188
x-amz-id-2
uiNEcnFjzsyDOhsGknRh579anQaU2HGxrSuHzpTKgUvRewJSM12o9doaUkWn1+8SkrdRVKs78fc=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"2ad563e730ce63c718f6dbed5962a52a"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
whitesearchicon.png
www.sltrib.com/pf/resources/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/img/whitesearchicon.png?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
22bc956a539f85eb61b4e61a9601c9cafd7df6b5caf2b119c0e142fce86a50e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
last-modified
Tue, 10 May 2022 23:22:57 GMT
server
Akamai Image Manager
arc-country
DE
etag
W/"3b58a206fb7dc186939b1000fb5bbd91"
strict-transport-security
max-age=86400
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=30967103
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT, edge; dur=13
content-length
2012
expires
Wed, 10 May 2023 23:23:50 GMT
Trib_masthead_top_000000.svg
www.sltrib.com/pf/resources/svg/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/Trib_masthead_top_000000.svg?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
5YBV2P0JJTJ93TT3
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-length
4810
x-amz-id-2
vGAjm0wUM+Tpc4m9p7JlFVtm1JObEDLCOdhQh/SrLendD3ngN0oyjq1r5G4On36NLbcdU6oqIrM=
last-modified
Tue, 10 May 2022 23:21:15 GMT
server
openresty
etag
W/"0a6e5f60fd6a9d23f560d424745802f9"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
person.svg
www.sltrib.com/pf/resources/svg/ 		291 B
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/person.svg?d=283
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
5YBHSXMYXA0B3KGE
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
222
x-amz-id-2
CrRLYkxYlCyx2Ka29B7h1D5RNDKgc//MCL1hGVM/4Xk4eNWwtMNGaNApGUovKVOK57lvVZAZ/ns=
last-modified
Tue, 10 May 2022 23:21:14 GMT
server
openresty
etag
W/"0b49da62bedb71c6594b7421f72768e1"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 17 May 2023 13:25:27 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sltrib.com&p=%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&u=0Dlg5Cg6TvsCd5PmZ&d=sltrib.com&g=65212&g0=News&g1=Peggy%20Fletcher%20Stack&n=1&f=00001&c=0&x=0&m=0&y=4045&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1651&t=OYSKOCgZ5_4DSS8jjCfOcwGCxgEeS&V=132&i=Richest%20Utah%20native%20vows%20to%20give%20away%2090%25%20of%20his%20billions&tz=0&_hottopic=&sn=1&sv=BDhPSICeR72JDYIXG5jmFnYByQIw8&sd=1&im=067b2ff3&_
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.106.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-106-187.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:27 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
connatix.player.dc.js
cds.connatix.com/p/162633/ Frame 08BF
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/162633/connatix.player.dc.js
880 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162633/connatix.player.dc.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09b2536167289d87ce5f56d086073c36eff67c59a2846a23a211a381302aa349

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:28 GMT
content-encoding
br
last-modified
Tue, 17 May 2022 10:15:52 GMT
age
9457
etag
"91ce7cee25718a5c83d873d78f16bad5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
210265

Redirect headers

location
https://cds.connatix.com/p/162633/connatix.player.dc.js
date
Tue, 17 May 2022 13:25:27 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/apstag.js?d=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:16:28 GMT
content-encoding
gzip
age
538
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1TPW00SPFW91FRVNE7Q6
etag
4abd427e43cd6822329a2c05539e321f
vary
Accept-Encoding
x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
1Y49bM4ftOHqWyj7RgxdXd6RJwyEwE_lszVQl3tcEfdaE4NPKRcnKA==
connatix.playspace.dc.js
cds.connatix.com/p/162633/ Frame BEF5
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/162633/connatix.playspace.dc.js
879 KB
205 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162633/connatix.playspace.dc.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2dc8cc2dda9094e3e3042ebdbce7aee0dccddc392d6237306d23394ffc5de97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:28 GMT
content-encoding
br
last-modified
Tue, 17 May 2022 10:15:52 GMT
age
9457
etag
"9c39aa5b777134cf07646d02cc121d49"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
209888

Redirect headers

location
https://cds.connatix.com/p/162633/connatix.playspace.dc.js
date
Tue, 17 May 2022 13:25:27 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
pubads_impl_2022051201.js
securepubads.g.doubleclick.net/gpt/ 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 12:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127621
x-xss-protection
0
last-modified
Thu, 12 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 May 2023 12:53:13 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		265 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sltrib.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
318802bbb26a15e938d4eb18ddd0a974295b637973cfbabca1c802b972ef32a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141
x-xss-protection
0
expires
Tue, 17 May 2022 13:25:27 GMT
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/ad-blocker.js?d=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1552
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
W21G5BEW7RCCHDT7
x-amz-id-2
Zu6ILWClLDymSszCekw1FgRgMXhY9/GZQ0NEsF2aH+IaAnsD6k2rY0pXHao7xZEqORbyGvE2I48=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqSvSL5e1GQid19paoJDcUvvhnNfujhLO%2FF%2BnQB8Gr%2FEpwx7Js9ECIztazqlhjDlaHAAWZ2ixv6CtELg7Weq1fbMTTh9%2FeKzTJ3KGWNM8dZ2%2B4%2FXVpmfnTjBdFfpXkeD%2B3I6lhj%2Bf3vewdlYbYE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
70ccade0ca599a03-FRA
d3d3LnNsdHJpYi5jb20=
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LnNsdHJpYi5jb20=
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.8.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-8-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:27 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=37789
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
d38985778427b09d3ad4bd9ff8c4139b
Content-Length
15
Expires
Tue, 17 May 2022 23:55:16 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.18.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-18-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Thu, 16 Jun 2022 13:25:27 GMT
load
experience.tinypass.com/xbuilder/experience/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=vxCIN3E3cT
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/piano.js?d=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
281a1c5996dabee532e69c0be0d9bdef31178f9eb492bd9d96a3d69083894889
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
117
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
C5v31craJP9
wn
prod-exp-10-0-119-95
last-modified
Tue, 17 May 2022 13:23:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
70ccade17bcd9022-FRA
expires
Tue, 17 May 2022 13:55:27 GMT
/
cmp.osano.com/ Frame AAD0 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:234e:6c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23847
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 06:48:08 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-id
mikfmb4WvjWS_Q1XxM5X4ahXCeefjlYAoZVwInpCB-MiXFrRnXWAbA==
x-amz-cf-pop
OSL50-P1
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
a546f45f-e438-401c-9fe7-18860160b8b1
https://www.sltrib.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/a546f45f-e438-401c-9fe7-18860160b8b1
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
adsct
analytics.twitter.com/i/ 		43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.9&p_id=Twitter&p_user_id=0&txn_id=o0jhs&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=d6eabd42-1398-4ab5-9543-170819c48a95&tw_document_href=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time
111
date
Tue, 17 May 2022 13:25:28 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
a330a35bdb455ec6e4b097867e32b7aa21f792e4bdfab85eed3229d64feb3161
content-length
43
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.9&p_id=Twitter&p_user_id=0&txn_id=o0jhs&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=d6eabd42-1398-4ab5-9543-170819c48a95&tw_document_href=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time
110
date
Tue, 17 May 2022 13:25:27 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
6d0a38b0d99a57e9fbd5f9bc3c7131032189903186ca0c29c22f0c2d69b6071f
content-length
43
/
adservice.google.com/ddm/fls/i/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib... Frame 5EB5 		526 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/activityi;dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27c8ebb49be0ab43d179c77d633ea682312dedf3d6acb71dd16c66be429508e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8234312.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
405
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
adservice.google.com/ddm/fls/i/dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib... Frame ED2A 		526 B
872 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Requested by
Host: 8208269.fls.doubleclick.net
URL: https://8208269.fls.doubleclick.net/activityi;dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
660962d275be7b6fbd78196177490e51aa557dea68d37ae38bbcdd0866e3c76c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8208269.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
403
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 0A09
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Tue, 17 May 2022 13:25:28 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 44C9
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Tue, 17 May 2022 13:25:27 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
dda8255d32e6482d
pixel.sitescout.com/iap/
Redirect Chain
  • https://pixel-a.basis.net/iap/dda8255d32e6482d
  • https://pixel.sitescout.com/iap/dda8255d32e6482d
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/dda8255d32e6482d
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/iap/dda8255d32e6482d
content-length
0
1ea036853c174e3a
clickserv.sitescout.com/conv/
Redirect Chain
  • https://clickserv.basis.net/conv/1ea036853c174e3a
  • https://clickserv.sitescout.com/conv/1ea036853c174e3a
43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clickserv.sitescout.com/conv/1ea036853c174e3a
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
66.155.71.189 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:28 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-type
image/gif
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://clickserv.sitescout.com/conv/1ea036853c174e3a
content-length
0
config
c.amazon-adsystem.com/cdn/prod/ 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sltrib.com&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.sltrib.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
iE_iXStSuaMTnFU9LIElvLpfK_DjII8tyJkgAXaqZfI7DoPoVOXjJQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sltrib.com&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:27 GMT
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.sltrib.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
BSjI2uY9ASvaiQhVh3UvZxu1oKefbxTVddRGCHCaeOroO6f8qrkamA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
43968
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Tue, 17 May 2022 01:12:41 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
-Mtn_MYXkAoXdD1AShKxL-0oL64djX4i0DGG0FlRpqW6yE9sRrG-yg==
js
www.googletagmanager.com/gtag/ 		190 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DC2TJEE08T&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b8650a6daef22196dc04f51fed727224d6405851527c0876180abb085987d7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70035
x-xss-protection
0
expires
Tue, 17 May 2022 13:25:28 GMT
v2hyvxgrHJfkYl6hlEwE_DeJHkj9yZoi0A-0oXDVLoMezz_dbeUxp-kA
expansioneggnog.com/ 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expansioneggnog.com/v2hyvxgrHJfkYl6hlEwE_DeJHkj9yZoi0A-0oXDVLoMezz_dbeUxp-kA
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
0d7bcfe9d448ece161270211d83551e97a8b16b0afe4814509348ab6697e3cce
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"af0d781529a274a67b3276befcae5d619e9d04d3b3fc54e8108a99d81930d806"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-3rjd
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Tue, 17 May 2022 13:25:28 GMT
x-buildnumber
520707442
timing-allow-origin
*
tinypass.min.js
cdn.tinypass.com/api/ 		282 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f3d37fe2b3a197aa65ff6cd86f59bf7f911686e7936637f5c3d7cfefd5ecb7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4267
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
90X1YS3291N4GDBP
x-amz-id-2
s/ylX8mg4wZJ89qVMkVezQN+jO6bC5vx0DCH9VE9rHYSWCN+dn/0UX1YRx2GHOvVdvjiLn7AHyE=
last-modified
Tue, 17 May 2022 08:03:50 GMT
server
cloudflare
etag
W/"d475488c3b237a8a5c582edf783847e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
70ccade3cf5b9022-FRA
expires
Tue, 17 May 2022 17:25:28 GMT
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/162633/ Frame 08BF 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162633/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:28 GMT
content-encoding
br
last-modified
Tue, 17 May 2022 10:15:53 GMT
age
9458
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/162633/ Frame BEF5 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162633/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:28 GMT
content-encoding
br
last-modified
Tue, 17 May 2022 10:15:53 GMT
age
9458
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
8d82a4d3-a206-4e49-9c15-68d5c36aa42e
analyticssystems.net/api/v2/alerts/net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analyticssystems.net/api/v2/alerts/net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 17 May 2022 13:25:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZVDAImiCb233C8sSMrJgGEXxkifBYBX50n0wiM93OSwKVGDfJ5vKTzalvVxOXYTLHRThvjY1ElBZptRPhvxpzUJnjnvHGPlP%2FbYTL7578jH8KRJbS7Tm%2F3wKciEdtvVHpwiQt33G4E%2BIapnVRaJgUAfVw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70ccade4fb135c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fu_nUjs3sA7j4mICV9pB
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=vxCIN3E3cT
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37f3f9b7acb35ac8d20a5cc2e3b611d56073a09b5249d43747efd6e37eddaf6f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
172
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Cot31crQuQt
pragma
wn
prod-dash-10-0-128-235
last-modified
Tue, 17 May 2022 13:22:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.005
cache-control
public, max-age=1200
cf-ray
70ccade4f98e9022-FRA
expires
Tue, 17 May 2022 13:45:28 GMT
execute
c2.piano.io/xbuilder/experience/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=vxCIN3E3cT
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bc9506374314799412409a6dabac3ccc763320779eed5f9382679117dc8a3ba
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 17 May 2022 13:25:28 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
k8g0k9gs2r
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
70ccade57e415bdd-FRA
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1652793928513&sessionId=9f7aaf2a-393c-85ae-df74-14fe0057b6fb&url=www.sltrib.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:28 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
fbd9c7405de676ebe1b559cfc9442b32
Content-Length
4
Expires
0
/
adservice.google.de/ddm/fls/i/dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.... Frame E0DA 		194 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJClv5fR5vcCFf0hBgAdPA4H4g;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:28 GMT
expires
Tue, 17 May 2022 13:25:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www... Frame 777E
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www...
  • https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=htt...
845 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f134.1e100.net
Software
cafe /
Resource Hash
b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
506
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:28 GMT
expires
Tue, 17 May 2022 13:25:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ebedbec0-fd5d-42c9-8368-c4c64b14dee0
https://www.sltrib.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/ebedbec0-fd5d-42c9-8368-c4c64b14dee0
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
age
24527454
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
YklPkW543EujQ35kQIHWlYXyCVGTHEzpTsmgulO3UQgpUgHdoC06oQ==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1861219499&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ul=en-us&de=UTF-8&dt=Richest%20Utah%20native%20vows%20to%20give%20away%2090%25%20of%20his%20billions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEABAAAAAC~&jid=6108726&gjid=13656433&cid=1494881405.1652793928&tid=UA-26935592-1&_gid=1643013943.1652793928&_r=1&_slc=1&cd2=Peggy%20Fletcher%20Stack&cd3=News&cd4=2021-11-16T15%3A00%3A00Z&cd5=RWVDIZUM65EOZBQQROIXZVTZJ4&cd6=Richest%20Utah%20native%20vows%20to%20give%20away%2090%25%20of%20his%20billions&cd8=&cd9=&cd7=anon&z=181692378
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
show
buy.tinypass.com/checkout/offer/ Frame 2966 		609 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d386969b3dbff354113ea36cdc4be53ed30a0d9bcae60b3796ca83392a3bd9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
70ccade748229950-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 17 May 2022 13:25:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
no-cache
server
cloudflare
server-time
0.029
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-118-12
x-forwarded-https
on
x-request-id
Cgy31crKdUk
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-26935592-1&cid=1494881405.1652793928&jid=6108726&gjid=13656433&_gid=1643013943.1652793928&_u=aGBAAEAAAAAAAC~&z=347416360
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 17 May 2022 13:25:28 GMT
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 3E7A
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Tue, 17 May 2022 13:25:28 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
9f30138796dc7a6a
pixel.sitescout.com/iap/ Frame 777E
Redirect Chain
  • https://pixel-a.basis.net/iap/9f30138796dc7a6a
  • https://pixel.sitescout.com/iap/9f30138796dc7a6a
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/9f30138796dc7a6a
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CJabvpfR5vcCFZsbBgAdhb8Gww;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5944700903455.626;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8234312.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/iap/9f30138796dc7a6a
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26935592-1&cid=1494881405.1652793928&jid=6108726&_u=aGBAAEAAAAAAAC~&z=1663948782
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26935592-1&cid=1494881405.1652793928&jid=6108726&_u=aGBAAEAAAAAAAC~&z=1663948782
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2loqJzBI-2oHJePkGT6pNwaS2j6-r5VEO8e6bggFFI19AUheumDKQbJmwXehYP8RYVCl9gtx
expansioneggnog.com/ 		209 B
640 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://expansioneggnog.com/v2loqJzBI-2oHJePkGT6pNwaS2j6-r5VEO8e6bggFFI19AUheumDKQbJmwXehYP8RYVCl9gtx
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
2198147c2d9a9d39bddd6cc0ca47288c2889b9f36073ac2870d716822a5ff8f5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Tue, 17 May 2022 13:25:29 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-3rjd
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
520707442
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Tue, 17 May 2022 13:25:28 GMT
checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame 2966 		284 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3af51a1fcf56dc24fb76e38742b42e0afb04939e651ece08e098cc2aecf791d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1816
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-134-253
last-modified
Mon, 16 May 2022 13:14:28 GMT
server
cloudflare
etag
W/"290737-1652706868000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/css
server-time
0.000
cache-control
public, max-age=7200
cf-ray
70ccade89a8f9950-FRA
expires
Tue, 17 May 2022 15:25:29 GMT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 2966 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c537ec70e99aa73c84f05fab949197af5fe3ffc83aa2748ec7845f4d9d1b790b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
23420
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-84-224
last-modified
Mon, 16 May 2022 01:55:22 GMT
server
cloudflare
etag
W/"61429-1652666122000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
70ccade89a909950-FRA
expires
Wed, 18 May 2022 13:25:29 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 2966 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js?v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1086677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehuD0usVyorUz1YG0FMd484T%2FFj43dcWBK2mG6M684yVd4v0B2Cyt5Smk%2FO8T%2B2H7c7NDaYAvc4TwrCdqGa5x9KED0GjN9FvXufhEIGsVvNj7n28QEi3WkepZdIRGVVd4qzulhK%2Fk83qitFHY%2FStLy6U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ccade8ef829ba7-FRA
expires
Sun, 07 May 2023 13:25:29 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 2966 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1090050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVJ2Xr9N%2FEL2Kp2h1dqgW6U%2FZYq5bL%2FlJoporny8jF6yt269nQf6F%2Bv6yU3buJdQMorTyby1mxhwHGnZqm9LMH1R6TmLRxfuQtPR17z%2BQwWZ%2FzXJSGtBDP1dnfbRdrvM67S%2Bm4Gv4raRfS0J4ggYynGy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ccade8ef839ba7-FRA
expires
Sun, 07 May 2023 13:25:29 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 2966 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js?v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6629463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYvN5iUV5zV4EJvThXmzWJxQDwFIdiUNRvkmwHgkNT9wZa2Ku7GoprFAyZDsmUjZOgEDgjECXHHWGj9pSV9av5luoJv67mw7p8%2FFC8Qd3snHxy1VhnPbSn9rZdwn8C6C4QWSHUqvOaW1hR8FuC5%2FLQ0y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ccade8ef859ba7-FRA
expires
Sun, 07 May 2023 13:25:29 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 2966 		825 B
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js?v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2870005
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFF6cIzguDPS8AjZqz2jHrdTeQFEI6dhrabE9wlB8R622wsgVL3v2d3LKJXM42YHfn%2BYmv0mRSev2lrqBFxSmfiuk2PBls12JtyJLtZxBY0PP5swn%2BawuMxI1LqD7bYOZjP0s8RBg7kUDM04rD2T23dB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ccade8ef869ba7-FRA
expires
Sun, 07 May 2023 13:25:29 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 2966 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js?v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3109476
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRYghJrddTnkpeoZE%2BBr5iL7m7CbsmoFJbthDzh6NuNirAb9xux6UadYh6WhXthK%2BBnSQtwNk0w%2FWPe9e%2FEFWibPC1NkcYtZYK%2BX5P5rJN1IgtCtZU6UIX9D2vZSjnVVzX4671mzCwY8iHZi4KDk%2FPIR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ccade8ef879ba7-FRA
expires
Sun, 07 May 2023 13:25:29 GMT
angular-touch.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 2966 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-touch.min.js?v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1689849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1321
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-ce0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JK%2F6jrGfcaqPPrYzJRcndZJQyNvYilEOXGT9cW4O4Yr5upql6bLH2WVRID3lJEnQS2vlycGi6zGkXGKkx2TjdRPdv8IslimnpN8p%2BzIYahNZOYncQlDV9MGi%2FBb9RsHzenvoHilZ7I5wp91sIIAraJE8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ccade8ef899ba7-FRA
expires
Sun, 07 May 2023 13:25:29 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 2966 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js?v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1561629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zF1TrJIfLgjkuIZLp%2F3ZJrtaMshl4Dw8vzZoottjDpUXvPJYQtd1cg2JaMUdEWAyfLN4AttfU9tqGP9TFo8i%2BQAkHSjWiYytlOzvzjlIntJklhP5gWPBnpsuFhajbp5yDG3GLMaCnctNU52rRyTQNgJt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ccade8ef8a9ba7-FRA
expires
Sun, 07 May 2023 13:25:29 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 2966 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js?v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6133641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlLobGSaR8sCVp0LLqIDlQ0hayYKj91B%2FO7nfSET5BweYrhAAilOcfpvc9rXOjFcZnOPJ6hNCG47gRaFYUM3vJVYnW76ROHwu7fQGouHq%2FegMwf0g78gOwdRPXbp8SmkNoN9szFF51v5jf9bAPfRxfn7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ccade8ffb49ba7-FRA
expires
Sun, 07 May 2023 13:25:29 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 2966 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js?v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2325574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlH%2Burq42IXJmYtTFYEmGlHUe61a9LPUeNO0q5wW%2B9wSyCN3YPG2bLuCJyGatPZd916%2BNxhe8UpUp38l8BqJXITX9AcGN%2BeiTPmjNvq8hqDBp5JCWF3fB7SB5RLYXmiAk4zzqq%2FsS6VtEUz1%2BBzni4hw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ccade8ffaf9ba7-FRA
expires
Sun, 07 May 2023 13:25:29 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 2966 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js?v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6731423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDSsJcnBnpe99hiLm2Zy2rVDWLknvkyEJeEkx7F70Ka%2FLDbIHXeH%2BxDhdEjEHHw7wpAB4H2ewBOtOeJzs2HqT1JhxVRrhYf3eTxRVr5dpXfCE%2BWkWTIxypTrOb%2FMO%2B5ddnhWIx1PYhlU%2BohBNQbwHCcP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ccade8ffac9ba7-FRA
expires
Sun, 07 May 2023 13:25:29 GMT
anime.min.js
cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/ Frame 2966 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/anime.min.js?v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2082930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6344
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-4377"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSjBuQrt8Hjav4sLpwuyCrslvLBkV8gw1833ASu0dXGgu2V1EiyrrMEmUweEqGg0zUpxi0fB0idqpQDeTDadJxmxgfkEov1omFzlmNEBwMDQCT18CyFrJBUATikb71Vs6OLHaxgzAAX5sHEjed2VLE5F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70ccade8ef8d9ba7-FRA
expires
Sun, 07 May 2023 13:25:29 GMT
/
js.stripe.com/v3/ Frame 2966 		308 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-103.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f7b28bfe32cedf9b2821511b31304e15de2cd44d02c4a7accf2002e59349877d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
32
x-cache
Hit from cloudfront
date
Tue, 17 May 2022 13:24:57 GMT
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified
Mon, 16 May 2022 19:15:34 GMT
server
Cloudfront
etag
W/"9a1a99f081839fa0eb80d33b8057cf08"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
timing-allow-origin
*
x-amz-cf-id
orbSBjT5wxGx7tYft-bif0wPX77bI5AbmC8XdIrT2TPrXBk80I2mng==
H4sIAAAAAAAAAD3IMQ7CMAwAwA_hmCSt1B0xsDCxV6ljlRQ3kXAMPL8bNx5-S165Yy7akZ5Mr2Yd9pZNGDdFMu1th8VqFnaf3-V2j9dIjxl8GM_RD1McTyhlUUx1NUlv8C64ELD4qf5PGiXhmSuYuk0PjPMdMnYAAAA
buy.tinypass.com/_sam/ Frame 2966 		609 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IMQ7CMAwAwA_hmCSt1B0xsDCxV6ljlRQ3kXAMPL8bNx5-S165Yy7akZ5Mr2Yd9pZNGDdFMu1th8VqFnaf3-V2j9dIjxl8GM_RD1McTyhlUUx1NUlv8C64ELD4qf5PGiXhmSuYuk0PjPMdMnYAAAA?compressed=true&v=14.157.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b007501413ab1a803b1474dde59828d5f0a6d1013968b36267f70ba33baf363b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1222
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-81-141
last-modified
Mon, 16 May 2022 13:27:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/javascript
server-time
0.006
cache-control
public, max-age=603578
x-optimized-by
_sam
cf-ray
70ccade8aa949950-FRA
expires
Tue, 24 May 2022 13:05:07 GMT
sltrib_masthead_new_subtext_white.png
local.sltrib.com/marketing/ Frame 2966 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://local.sltrib.com/marketing/sltrib_masthead_new_subtext_white.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host3.utahdigitalservices.com
Software
Apache /
Resource Hash
99864675faf8dea302b09f4905d80f32a6ca510c9b1118d2692e0df0241c637d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
last-modified
Thu, 24 Dec 2020 18:51:09 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
28188
expires
Thu, 16 Jun 2022 13:25:29 GMT
trib_logo_white.png
local.sltrib.com/graphics/ Frame 2966 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://local.sltrib.com/graphics/trib_logo_white.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host3.utahdigitalservices.com
Software
Apache /
Resource Hash
1a5414e59027131d5ac994ba4fe4386b491145f34e86c9ffe90fb7ea968bcf0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
last-modified
Thu, 13 Feb 2020 21:57:37 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9584
expires
Thu, 16 Jun 2022 13:25:29 GMT
m-outer-08a68483638f1673180e789f690b2a14.html
js.stripe.com/v3/ Frame 9B0A 		240 B
980 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-103.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
eaf2bd3d92596d7daa1105013ab1a9df04c5638908c58a816aebedd3d299aefd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buy.tinypass.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
391
cache-control
max-age=31536000
content-length
240
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 13:19:06 GMT
etag
"08a68483638f1673180e789f690b2a14"
last-modified
Mon, 02 May 2022 23:16:40 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
x-amz-cf-id
_BKuWFz_kRPxek4Q-VunBNPSqINPnizs0nKn7jFfV21OWdoPNSnj9A==
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 9B0A 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-a862395be942d34811e19def0b9ea803.js
js.stripe.com/v3/fingerprinted/js/ Frame 9B0A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-a862395be942d34811e19def0b9ea803.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-103.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
date
Tue, 17 May 2022 13:25:30 GMT
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified
Mon, 02 May 2022 23:16:41 GMT
server
Cloudfront
etag
W/"799080ebea6eade0766c4725741ce6bf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
hFVQy6xsHQeb-1KhaBpJBQUhdF5-NP0b5R6FfkFlYQmytf8iwzKJ8w==
trackShow
buy.tinypass.com/checkout/offer/ Frame 2966 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/offer/trackShow
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js?v=14.157.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70371d6c1d505eff555d75495b130ac081b5bf0a71cef5c48d663f57e88d870c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Ng-Request
1
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-l9man&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=1494881405.1652793928&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=733f05d86f
X-Requested-With
XMLHttpRequest
Piano-request-without-spinner
1

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
x-request-id
Chy31crW9pR
pragma
no-cache
wn
prod-dash-10-0-115-232
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
*
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buy.tinypass.com
cache-control
no-cache, no-store, must-revalidate
server-time
0.002
cf-ray
70ccadeaaeeb9950-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
performanceMetrics
buy.tinypass.com/api/v3/anon/assets/ 		166 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/performanceMetrics?tbc=%7Bkpex%7DGmmCyT-gaBGEgTR7-yvifzjSOhiA8P8X7OD0Gbr26_a5pf0_vV9rLVpkglB9hydZ&aid=vxCIN3E3cT&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp2541
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43735e5b2ae280a3cb398ca23aed6a5ce03c31ceb9e5cdb93685f58a45e226cf
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray
70ccadeaef5f9950-FRA
date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-116-91
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
p3p
CP="NON DSP COR OUR IND"
server-time
0.000
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Chy31craVB3
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&pid=Ki0Ng46gJ0yip&cb=0&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22sltrib-promo-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fleaderboard1%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
x-amz-rid
W4FQEZH6GST3Q17ZQSWE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
p6gm0opnA5141kSDOxpY4Q5StKuc8KPrJ1MnjjQ9HsFUIjTktgnZOA==
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1890137346953579&correlator=2356494955630340&eid=31067487&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=89799359%2Cnew_sltrib.com%2CNews_Section&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=994546634&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=SLT-NEW-POS%3Dmob_cube1%2Cleaderboard1%2Cleaderboard1%26div%3Dsltrib-promo-1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&abxe=1&dt=1652793929731&lmt=1652793848&dlt=1652793927010&idt=1211&biw=1600&bih=1200&adxs=436&adys=16&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x90&msz=728x-1&fws=4&ohw=1600&ga_vid=1494881405.1652793928&ga_sid=1652793930&ga_hid=1861219499&ga_fc=true&btvi=0&topics=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1ed2823d405ec77e43fbd69fdde03c950235f4a1478c2c06ba852c7d945b799c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8672
x-xss-protection
0
google-lineitem-id
5776511036
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361238499
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7715dbe6c408e34029715297bac003c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B242 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7715dbe6c408e34029715297bac003c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:29 GMT
expires
Wed, 17 May 2023 13:25:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&pid=Ki0Ng46gJ0yip&cb=1&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22sltrib-promo-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fbb1%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
x-amz-rid
XZCMD9XCE60PV56H3AG9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
c5r4KjygFsUuV9FKYf5PWuIR2rHDV1fOKMTngbSV20_MRDXklLLLNA==
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1890137346953579&correlator=2356494955630340&eid=31067487&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=89799359%2Cnew_sltrib.com%2CNews_Section&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=629866242&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=SLT-NEW-POS%3Dmob_cube2%2Cleaderboard2%2Cbb1%26div%3Dsltrib-promo-2&sc=1&abxe=1&dt=1652793929756&lmt=1652793848&dlt=1652793927010&idt=1211&biw=1600&bih=1200&adxs=141&adys=1707&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=920x90&msz=728x-1&fws=4&ohw=1600&ga_vid=1494881405.1652793928&ga_sid=1652793930&ga_hid=1861219499&ga_fc=true&btvi=1&topics=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
59cc775e7fb39713a3905bff221ac842f5401df67582dcd6e69dc7c4a76a9c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8495
x-xss-protection
0
google-lineitem-id
5776511036
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361539049
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&pid=Ki0Ng46gJ0yip&cb=2&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22sltrib-promo-3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fbb2%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
x-amz-rid
DG54KZTMAJK1BZHP4T4Y
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
hJ7mKgTcs7KxvbSIE4XxY6yiaKFVD144rfM11RTNJNHaZiAu2HavzQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&pid=Ki0Ng46gJ0yip&cb=3&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22sltrib-promo-6%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fmonster1%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
x-amz-rid
Z2HSHBHPVCY5WANMKA7R
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
v_vM7r6XOqXmRt7SogppiAMr18DVH4yXvuCr3hBldLttKlwmoOjS4A==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&pid=Ki0Ng46gJ0yip&cb=4&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22sltrib-promo-99%22%2C%22s%22%3A%5B%221140x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fdesktop_banner_fixed%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-202.dus51.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:29 GMT
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
x-amz-rid
1SHXDJA881RGEWZFTFPH
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
UyLJnI3oD3i7a_zqT5Vhzdd66EEmNnHLx5NqZKki-0NUeFPxcGSQcQ==
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sltrib.com&p=%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&u=0Dlg5Cg6TvsCd5PmZ&d=sltrib.com&g=65212&g0=News&g1=Peggy%20Fletcher%20Stack&n=1&f=00001&c=0.03&x=0&m=0&y=4587&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&b=1651&t=OYSKOCgZ5_4DSS8jjCfOcwGCxgEeS&V=132&tz=0&_hottopic=&_acct=anon&sn=2&sv=BDhPSICeR72JDYIXG5jmFnYByQIw8&sd=1&im=067b2ff3&_
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.106.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-106-187.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:29 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		320 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1890137346953579&correlator=2356494955630340&eid=31067487&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=89799359%2Cnew_sltrib.com%2CNews_Section&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1140x90&ifi=3&adks=492083525&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=SLT-NEW-POS%3Dmob_banner_fixed%2Cdesktop_banner_fixed%2Cdesktop_banner_fixed%26div%3Dsltrib-promo-99&sc=1&abxe=1&dt=1652793929793&lmt=1652793848&dlt=1652793927010&idt=1211&biw=1600&bih=1200&adxs=230&adys=1110&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1140x-1&fws=516&ohw=1600&ga_vid=1494881405.1652793928&ga_sid=1652793930&ga_hid=1861219499&ga_fc=true&btvi=0&topics=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e31dfe3fb7f53bdd539477146e30843035c6d9f1ad16573100c5cf49968cd8f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1890137346953579&correlator=2356494955630340&eid=31067487&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=89799359%2Cnew_sltrib.com%2CNews_Section&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=4&adks=1301877128&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=SLT-NEW-POS%3Dmob_cube6%2Csky1%2Cmonster1%26div%3Dsltrib-promo-6&sc=1&abxe=1&dt=1652793929798&lmt=1652793848&dlt=1652793927010&idt=1211&biw=1600&bih=1200&adxs=981&adys=249&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=558x600&msz=300x-1&fws=4&ohw=1600&ga_vid=1494881405.1652793928&ga_sid=1652793930&ga_hid=1861219499&ga_fc=true&btvi=0&topics=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
7b8d5a44c6b4708afd90c96895b6fa42f1d43b7e3215bd30733dd517f971c059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8483
x-xss-protection
0
google-lineitem-id
5775978379
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361147064
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1890137346953579&correlator=2356494955630340&eid=31067487&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=89799359%2Cnew_sltrib.com%2CNews_Section&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=1391537391&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=SLT-NEW-POS%3Dmob_cube3%2Cleaderboard3%2Cbb2%26div%3Dsltrib-promo-3&sc=1&abxe=1&dt=1652793929803&lmt=1652793848&dlt=1652793927010&idt=1211&biw=1600&bih=1200&adxs=141&adys=2423&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=920x90&msz=728x-1&fws=4&ohw=1600&ga_vid=1494881405.1652793928&ga_sid=1652793930&ga_hid=1861219499&ga_fc=true&btvi=2&topics=1
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1012e29ae435d41c998ebadc8babb4a03a0b8cf99ca2fd23dc4e3fe90cd8abf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8492
x-xss-protection
0
google-lineitem-id
5776511036
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361538998
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
inner.html
m.stripe.network/ Frame 01E5 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a862395be942d34811e19def0b9ea803.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
196
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 13:22:20 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
x-amz-cf-id
7D6vImnH06iBEZgWVv4X65p2CM-YmtUjhRF102MRcXZxN-3BKl2R3g==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 43B3 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
746aaa7650fdffc1ddf1a76e4e47bba344d4ec91362f34527c936dc15495bc0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
DReHP.1WmfABEeQziAbykakp6LnVfuS7
content-encoding
gzip
last-modified
Sat, 30 Apr 2022 14:32:24 GMT
server
AmazonS3
age
4776
etag
W/"f72d282c37e4e2aa2d73eff3199c9ab9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Tue, 17 May 2022 13:25:30 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
0ICCcdyyOrygmHhacRkPQ-3StNN2pgrf1_jld8Dt24Ot88u2nokTsQ==
index.js
cdn1.opstag.com/14129/ Frame 43B3 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9f303e01b280e8e81b30b03070129c03727c56f98173ed68e5b7efae0800d6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 14:31:52 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"a405fc3da57f0cb8b65824595e652a12"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
5210
x-amz-cf-id
BUpYP6AvzclJFhIdiiddPO4UrZ1PoXZwYa7EcSe2slwWvapWGgz4vw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 43B3 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 13:25:32 GMT
csp-report
q.stripe.com/ Frame 01E5 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame 01E5 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-40.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
133
x-cache
Hit from cloudfront
date
Tue, 17 May 2022 13:23:18 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
aJYXU6MuMR9qwps-rGDpNT1YOhu8-qLY_sBU6G15t9yUqMogy5STCw==
8d82a4d3-a206-4e49-9c15-68d5c36aa42e
analyticssystems.net/api/v2/ad/impression/ Frame 43B3 		0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/8d82a4d3-a206-4e49-9c15-68d5c36aa42e?rand=530050
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiyPFxucsAKCZ%2Fyi7Drukry7iboMhBLAPID1KPdT3bK6UGEmhRUltKKTKYyseBTvus2gTlGuvjW8HS7Ya5dQYyzP%2By56MAa6Eywfi%2F46ZPAn5V6qCHSasSko5FbzBTqpZR0jBYGWxSenGe7oGMoFnSWG%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70ccadef5a608ff5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fu_nUp6rUMLkrx4AP0nC
view
securepubads.g.doubleclick.net/pcs/ Frame 43B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQmT4SC9lOsNRfdAYf2JTn_W5qjYphyFkaX1oj3gQIYGtmG8Asy3_F41RHFxHjDJCrIlnZojrPmiP4LFE30kx2IywD4W0DJF9IGS_0Bgm2lYmfDPs9jhDXTnI2DeUbEG2HNihJCEqgfPqurTaLzgbQfA61W59sHQVOtpabOv3Hx6nIxP6ySNUVFBV2ytsdFpGRhlrNpYCTWaIbxe7DTtAGBNqk4JHDxaHuu5VmEbTSINIiblCJAvR-XUBQ-H-Yb3A0tuotWcleAEoem-e-EAzUZtjuO9pXsM6rMQ3wlu7vy_gNXWvJxNimZa8leqe6N5raw2iC7p2q&sig=Cg0ArKJSzCP0iBxlbc5PEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
5c42c53d-ba6c-4053-8621-3f5945fed4e2
https://www.sltrib.com/ Frame 43B3 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/5c42c53d-ba6c-4053-8621-3f5945fed4e2
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
6
m.stripe.com/ Frame 01E5 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.50.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-50-223.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e1b4134b217a07b46291761f6fce409fc75e7f934c065203710bd93b286e02e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 46D2 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
746aaa7650fdffc1ddf1a76e4e47bba344d4ec91362f34527c936dc15495bc0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
DReHP.1WmfABEeQziAbykakp6LnVfuS7
content-encoding
gzip
last-modified
Sat, 30 Apr 2022 14:32:24 GMT
server
AmazonS3
age
4776
etag
W/"f72d282c37e4e2aa2d73eff3199c9ab9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Tue, 17 May 2022 13:25:30 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
Dc1dnrVKWoPVfMsT2OH_arHGKVgXmTVUTbMjERIr2Zd4hTO7o_uj1Q==
index.js
cdn1.opstag.com/14129/ Frame 46D2 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9f303e01b280e8e81b30b03070129c03727c56f98173ed68e5b7efae0800d6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 14:31:52 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"a405fc3da57f0cb8b65824595e652a12"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
5210
x-amz-cf-id
APt-UmIXGlsTcZpT6jOvM5mHY0ryone6eSPDAi7CAeCw1Y8geQcAIg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 46D2 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 13:25:32 GMT
8d82a4d3-a206-4e49-9c15-68d5c36aa42e
analyticssystems.net/api/v2/ad/impression/ Frame 46D2 		0
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/8d82a4d3-a206-4e49-9c15-68d5c36aa42e?rand=900631
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=io2tjLor6xFk00mBGuivcBANIXbcFh0H2tP2As33Y61ztsmZpRPQyTDnIpLdxAhcBMBE5Qvmq0Y2ay3hlwMLAcslFvaP970gr2xXuRj1WSCIpx0EoKr0g1sDHHuoii8pzMHP5RsWMCBDRBQovXf89mvrlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70ccadf04cb88ff5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fu_nUqcrJVznnF4ALEUS
view
securepubads.g.doubleclick.net/pcs/ Frame 46D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzlzsA-9R7Mqdw-GZKOOdigITIuvzFwV0L_boHroKXqcJHSa7Nl72jpX23lOp5oTByqbJj0nYxc25TX2XgQFNaHLdEwJxSBp-XxSGtXXDLdE4H_mANM4YHtK5dFX_ykmRS4SQqXZrxEQyc6RZDXqqFkWd1VzxccSJMAsIrH-hzIpi66R5pneHm5vVCNzDiOhjq80jQ1boSxcx-KgAgqAqOYDaTCb_mxee1z7XrP3UL_LdiYTzXNjfSDsFie2HxdErez7nwZobdkD0yB1F7kHvS9qfRtA8le-aj71osQJyfzWgaDwUuDidp4_vpwcuxvSl_SFbr8D_9&sig=Cg0ArKJSzI688oY5-9aDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cbd42614-a79f-4754-bf4f-178d12fb722f
https://www.sltrib.com/ Frame 46D2 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/cbd42614-a79f-4754-bf4f-178d12fb722f
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
prebid.js
cdn1.opstag.com/14129/ Frame FFC3 		350 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c030652dbe0db9f27711f5bc21254dc2e1fdd3ece626f945512d4557e5c33b90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 14:31:52 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"8d974848dee1d39449d86b63982e4583"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
107525
x-amz-cf-id
6hNV1iz-FMsJaRZBSJJAW78RYNjLE2-WRzLr_C9BYX7lwP0yz-FyUw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame FFC3 		166 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
64bff75a60c41b34a4deb9ce811a1e48a1b17bc3d3624715354764f6ae57cb63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:51:44 GMT
server
Apache/2.2.15 (CentOS)
etag
"1421bfb-2987a-5cd3bc6b497d9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81917
accept-ranges
bytes
content-type
text/javascript
content-length
54629
expires
Wed, 18 May 2022 12:10:48 GMT
config.js
confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/ Frame FFC3 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a08d6c1ed904cafae06723b64838bb4bb2ab0df1cf10a0d32c2029829b6764b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:30 GMT
Content-Encoding
gzip
Age
2041
X-Cache
HIT
Connection
keep-alive
Content-Length
12129
x-amz-id-2
Fn779GNx3+meSafYpQf5OcddOIGN8Ul7hPS7XleSKtOLedVjszxuHz7MDxPV+nvpsXKuGXm87UU=
X-Served-By
cache-hhn4074-HHN
Last-Modified
Tue, 17 May 2022 11:34:31 GMT
Server
AmazonS3
X-Timer
S1652793931.609408,VS0,VE1
ETag
"3f5c37a6286fa9f178b070d95c83eaa9"
x-amz-request-id
WZC5GKTC3D16WXKJ
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
placement.js
cdn1.opstag.com/14129/ Frame FFC3 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/placement.js?cb=1652793930553
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca402f9c39effe12e3d2fa2381846892901314835d02d401f0a338450e23c2e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 14:31:52 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"1f16afe5567ec575c480dc826c686e94"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9025
x-amz-cf-id
88mgFkRg2M3D4d2HlRKd9-JfiJGcfHl4lpERtp8_no0IQyPI3uvO9A==
ad
pubads.g.doubleclick.net/gampad/ Frame 43B3
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ad
pubads.g.doubleclick.net/gampad/ Frame 46D2
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
prebid.js
cdn1.opstag.com/14129/ Frame 581D 		350 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c030652dbe0db9f27711f5bc21254dc2e1fdd3ece626f945512d4557e5c33b90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 14:31:52 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"8d974848dee1d39449d86b63982e4583"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
107525
x-amz-cf-id
M6l6_uh0oBfX2Q99RyTIXwYhKte2X7MN8ZnEu7BHjkzB_IKDZui0Ag==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame 581D 		166 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
64bff75a60c41b34a4deb9ce811a1e48a1b17bc3d3624715354764f6ae57cb63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:51:44 GMT
server
Apache/2.2.15 (CentOS)
etag
"1421bfb-2987a-5cd3bc6b497d9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81917
accept-ranges
bytes
content-type
text/javascript
content-length
54629
expires
Wed, 18 May 2022 12:10:48 GMT
config.js
confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/ Frame 581D 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a08d6c1ed904cafae06723b64838bb4bb2ab0df1cf10a0d32c2029829b6764b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:30 GMT
Content-Encoding
gzip
Age
2041
X-Cache
HIT
Connection
keep-alive
Content-Length
12129
x-amz-id-2
Fn779GNx3+meSafYpQf5OcddOIGN8Ul7hPS7XleSKtOLedVjszxuHz7MDxPV+nvpsXKuGXm87UU=
X-Served-By
cache-hhn4071-HHN
Last-Modified
Tue, 17 May 2022 11:34:31 GMT
Server
AmazonS3
X-Timer
S1652793931.611802,VS0,VE0
ETag
"3f5c37a6286fa9f178b070d95c83eaa9"
x-amz-request-id
WZC5GKTC3D16WXKJ
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
3
placement.js
cdn1.opstag.com/14129/ Frame 581D 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/placement.js?cb=1652793930563
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca402f9c39effe12e3d2fa2381846892901314835d02d401f0a338450e23c2e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 14:31:52 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"1f16afe5567ec575c480dc826c686e94"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9025
x-amz-cf-id
3I8Xbg2fNYnm9z1Vw5vGxY_p8vyU5e4TEIvbTmLXKwH-sQWNjKZRIg==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/ Frame FFC3 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:30 GMT
Content-Encoding
gzip
Age
183
X-Cache
HIT
Connection
keep-alive
Content-Length
63033
x-amz-id-2
58gElluOuCwWBtEVPun3TWl7MgVlsRQz3OjExuyxVhjXkvGx9p2tDF60myK5rwiwhAHpcvEhI4c=
X-Served-By
cache-hhn4071-HHN
Last-Modified
Mon, 09 May 2022 15:39:37 GMT
Server
AmazonS3
X-Timer
S1652793931.631919,VS0,VE0
ETag
"ecf02ff527b0ed563b40adaa835278b3"
x-amz-request-id
9NBZ3EYC95NKAX8V
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
710
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/ Frame 581D 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:30 GMT
Content-Encoding
gzip
Age
182
X-Cache
HIT
Connection
keep-alive
Content-Length
63033
x-amz-id-2
58gElluOuCwWBtEVPun3TWl7MgVlsRQz3OjExuyxVhjXkvGx9p2tDF60myK5rwiwhAHpcvEhI4c=
X-Served-By
cache-hhn4074-HHN
Last-Modified
Mon, 09 May 2022 15:39:37 GMT
Server
AmazonS3
X-Timer
S1652793931.633431,VS0,VE0
ETag
"ecf02ff527b0ed563b40adaa835278b3"
x-amz-request-id
9NBZ3EYC95NKAX8V
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
681
8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 7893 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
746aaa7650fdffc1ddf1a76e4e47bba344d4ec91362f34527c936dc15495bc0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
DReHP.1WmfABEeQziAbykakp6LnVfuS7
content-encoding
gzip
last-modified
Sat, 30 Apr 2022 14:32:24 GMT
server
AmazonS3
age
4776
etag
W/"f72d282c37e4e2aa2d73eff3199c9ab9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Tue, 17 May 2022 13:25:30 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
MGTasgOdXyvOB2vpxZkJAtEIIXOGtirjG8IX8X5qXA775bUzGJFbRQ==
index.js
cdn1.opstag.com/14130/ Frame 7893 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14130/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbdc33cc4483bfdb9004913ffc4927c79341bc23fe3db37919c0e51511d77dae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 13:50:16 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"1cdb8abc9b6ef7e0c5c7be871bc7ff0d"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
5214
x-amz-cf-id
SuxHFMdd_Brmd-PRqWtyMJgWLI9ZfRPHpYoQuUaa6X__OFhuH7OiFg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7893 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 13:25:32 GMT
player.css
cds.connatix.com/p/162633/ 		56 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162633/player.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0bfa346d7611b406e1c95c3ae1c7bd1a9a7c5340a7a197842f0005f7380546be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
br
last-modified
Tue, 17 May 2022 10:15:53 GMT
age
9460
etag
"563e0ae70a190337a57b9f3faf012f8e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8661
connatix.playspace.css
cds.connatix.com/p/162633/ 		99 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162633/connatix.playspace.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
br
last-modified
Tue, 17 May 2022 10:15:52 GMT
age
9460
etag
"132acf023a5a30ef72888d6e359a6663"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13634
pls
capi.connatix.com/core/ Frame 08BF 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dc997df0b64ce11d20c2798515bb231b0074366b83888f0fc3a5d51c51dec6c2

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5397
8d82a4d3-a206-4e49-9c15-68d5c36aa42e
analyticssystems.net/api/v2/ad/impression/ Frame 7893 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/8d82a4d3-a206-4e49-9c15-68d5c36aa42e?rand=634789
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FF4di5nvlmSyxxaSCV6%2Bj6qGSkDINMWBTjxWtsARvfJXR2CWILRr0BswQiMBL3RIVzlO8x0LCU1aIC2MzKLZt%2F55gZ1RveCVdIb5VJWpllVYFEu5KN9Oo5dYG8AvG3tR8ajN0XYuzN0gTAxZrtRn9y%2Frg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70ccadf33bd98ff5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fu_nUr0rf-WkBMgC-lNB
view
securepubads.g.doubleclick.net/pcs/ Frame 7893 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdW2nT6PXjGW1G0oIwEUGUVOJQR4F6Ezp91SGD3iv6RABt1OP0Mse4FaNxrQp2uxKZQoAsNn2RWTaR0uDhJHrFQHxjydUzXhFSHHfGLHX25r7sTyv-iYYtJa8YJNONiJ71au6uFw5Z_0rtaMIPFOd1HSG6hTeBvKi_L7yogzwXbeUlc9SJkSh7pDxEM8xBLcp7BjinnJfH_LsVnA3yWaVKE8hBm0aZMsSo8UxcxwQZNn2KkqUdaG_bTroZu_zn_1HDtLGOp2y8mMvn5qv8AwiaxjllcvOG5Cx03UlfNErYPhoqaRc1sdFHPZRNe-Lmrzs03ltILLy3&sig=Cg0ArKJSzBguAT3FVA6SEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
a582dcc2-6b55-4d35-adaa-18a50f556707
https://www.sltrib.com/ Frame 7893 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/a582dcc2-6b55-4d35-adaa-18a50f556707
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame B642 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
746aaa7650fdffc1ddf1a76e4e47bba344d4ec91362f34527c936dc15495bc0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
DReHP.1WmfABEeQziAbykakp6LnVfuS7
content-encoding
gzip
last-modified
Sat, 30 Apr 2022 14:32:24 GMT
server
AmazonS3
age
4776
etag
W/"f72d282c37e4e2aa2d73eff3199c9ab9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Tue, 17 May 2022 13:25:30 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
-DzKCfjqMLYMtBvp4udnt0fgmbYqT4cYzYDVBV-6yj3dBrWO0Uuvdg==
index.js
cdn1.opstag.com/14129/ Frame B642 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9f303e01b280e8e81b30b03070129c03727c56f98173ed68e5b7efae0800d6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 14:31:52 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"a405fc3da57f0cb8b65824595e652a12"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
5210
x-amz-cf-id
Le62O2tdnmgjB-Er_0rtHwvaNKYVIgd-67-7GVsfz6ipC6jtJ-LlfQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B642 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 13:25:32 GMT
8d82a4d3-a206-4e49-9c15-68d5c36aa42e
analyticssystems.net/api/v2/ad/impression/ Frame B642 		0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/8d82a4d3-a206-4e49-9c15-68d5c36aa42e?rand=275821
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EU29WdMp5LU6Nw%2FZpavkTp1XYa3OzNS10FF5s4Uk%2F8WMjckxlMhVbRhLSO75Tn45MOwbo0yp%2BfMN4Rfw9XUddCLt37PUp8g8p%2BeY1b%2FSaLBny3l%2FawCqc8WbzZqJNrBS2K0LR8IEIQoJeTvkSMSfAxK2Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70ccadf41e578ff5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fu_nUsX9lXRPUvEAYYxB
view
securepubads.g.doubleclick.net/pcs/ Frame B642 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGevMQNr9JLoDaULsTRs8VlKFWarae9s_NKGivNVwAK5vaYYAUAAAXFEVVujmmHuetSFnr4qSZcOohI0z2CNAh-LI5JKva9R25xNNCMn0WYUC7FYCTk-NLoWMSi7ux2Y-PHaYeFoK3asRiR4GcEC959oLG-peLUjuLcZQci5XpKx9DpkUgw_Fgx6T62wKu5_ECrxkLnEYJCnlU_0cWRqrNcmGBdKy7j_L8GT-QHNQUZvCpi8IriRPZ6ENWLB_Qk7KeJByazl2RVUmBw55JY8V-KywJ9tzu2XIhKvpJNWFJc1lFz9O1zB8mH6KXhd1OQZZKxf9Kfiom&sig=Cg0ArKJSzMBXU-6IYHhkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
9cd86a24-46ad-465b-9a84-eeacf6789bb2
https://www.sltrib.com/ Frame B642 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/9cd86a24-46ad-465b-9a84-eeacf6789bb2
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
ad
pubads.g.doubleclick.net/gampad/ Frame B642
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
prebid.js
cdn1.opstag.com/14129/ Frame 0CFB 		350 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c030652dbe0db9f27711f5bc21254dc2e1fdd3ece626f945512d4557e5c33b90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 14:31:52 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"8d974848dee1d39449d86b63982e4583"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
107525
x-amz-cf-id
zgze0WWsEeSF1_NOkBW-eC8CiEMt3vA_ZoJg-fs67X4Gz9ensgd8qw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame 0CFB 		166 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
64bff75a60c41b34a4deb9ce811a1e48a1b17bc3d3624715354764f6ae57cb63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:51:44 GMT
server
Apache/2.2.15 (CentOS)
etag
"1421bfb-2987a-5cd3bc6b497d9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81917
accept-ranges
bytes
content-type
text/javascript
content-length
54629
expires
Wed, 18 May 2022 12:10:48 GMT
config.js
confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/ Frame 0CFB 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a08d6c1ed904cafae06723b64838bb4bb2ab0df1cf10a0d32c2029829b6764b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:30 GMT
Content-Encoding
gzip
Age
2041
X-Cache
HIT
Connection
keep-alive
Content-Length
12129
x-amz-id-2
Fn779GNx3+meSafYpQf5OcddOIGN8Ul7hPS7XleSKtOLedVjszxuHz7MDxPV+nvpsXKuGXm87UU=
X-Served-By
cache-hhn4074-HHN
Last-Modified
Tue, 17 May 2022 11:34:31 GMT
Server
AmazonS3
X-Timer
S1652793931.909548,VS0,VE0
ETag
"3f5c37a6286fa9f178b070d95c83eaa9"
x-amz-request-id
WZC5GKTC3D16WXKJ
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
2
placement.js
cdn1.opstag.com/14129/ Frame 0CFB 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/placement.js?cb=1652793930897
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca402f9c39effe12e3d2fa2381846892901314835d02d401f0a338450e23c2e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 14:31:52 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"1f16afe5567ec575c480dc826c686e94"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9025
x-amz-cf-id
KTnpGaQmlZq_I9x81QpMPlY0BVCD_rhIHF5q2BYF-Plscb0pxPJeEg==
insights.bin
ins.connatix.com/0f8784e3954b16cee6ef2b4150474051/ Frame 08BF 		252 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/0f8784e3954b16cee6ef2b4150474051/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f19ec18175b0631e9c5d0f2adf42f0fd7742019915f8e06b379ceb1500f13a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Sat, 12 Feb 2022 04:59:36 GMT
age
215424
etag
"cbd95329a638a293b4999bbc42855699"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
174
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/ Frame 0CFB 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:30 GMT
Content-Encoding
gzip
Age
182
X-Cache
HIT
Connection
keep-alive
Content-Length
63033
x-amz-id-2
58gElluOuCwWBtEVPun3TWl7MgVlsRQz3OjExuyxVhjXkvGx9p2tDF60myK5rwiwhAHpcvEhI4c=
X-Served-By
cache-hhn4074-HHN
Last-Modified
Mon, 09 May 2022 15:39:37 GMT
Server
AmazonS3
X-Timer
S1652793931.951396,VS0,VE0
ETag
"ecf02ff527b0ed563b40adaa835278b3"
x-amz-request-id
9NBZ3EYC95NKAX8V
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
683
sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame 08BF 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
2_media.bin
vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/ Frame 08BF 		291 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/2_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b292ff3fa0d20f1e09e89b781b051b669b3d9a31c6833e33695cc865f381bac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 17:29:21 GMT
age
80660
etag
"b57e101bc236595c26fda12de90cedcf"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
255
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 08BF 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128852
x-xss-protection
0
expires
Tue, 17 May 2022 13:25:31 GMT
story
capi.connatix.com/core/ Frame BEF5 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a181e5bf43d3f555957158c2d1d653980d3f82e4cebdc298e9919744a868ed2

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5369
gpt.js
www.googletagservices.com/tag/js/ Frame FFC3 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f5fce810a506822eedbf33946b50aac5c1898f3789343a7f3ca5008270ce0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28366
x-xss-protection
0
server
sffe
etag
"1217 / 943 of 1000 / last-modified: 1652785528"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 May 2022 13:25:31 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 581D 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f5fce810a506822eedbf33946b50aac5c1898f3789343a7f3ca5008270ce0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28366
x-xss-protection
0
server
sffe
etag
"1217 / 506 of 1000 / last-modified: 1652785528"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 May 2022 13:25:31 GMT
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/162633/ Frame 08BF 		162 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/162633/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
br
last-modified
Tue, 17 May 2022 10:15:53 GMT
age
9461
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
prebid.js
cdn1.opstag.com/14130/ Frame 613D 		350 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14130/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c030652dbe0db9f27711f5bc21254dc2e1fdd3ece626f945512d4557e5c33b90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 13:50:16 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"8d974848dee1d39449d86b63982e4583"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
107525
x-amz-cf-id
u01oTzWNmJcfZkkIm2uWTutVKSoOTdlg3y532mYhWUtpT_o7B6ZRlg==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame 613D 		166 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
64bff75a60c41b34a4deb9ce811a1e48a1b17bc3d3624715354764f6ae57cb63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:51:44 GMT
server
Apache/2.2.15 (CentOS)
etag
"1421bfb-2987a-5cd3bc6b497d9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81917
accept-ranges
bytes
content-type
text/javascript
content-length
54629
expires
Wed, 18 May 2022 12:10:48 GMT
config.js
confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/ Frame 613D 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a08d6c1ed904cafae06723b64838bb4bb2ab0df1cf10a0d32c2029829b6764b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:31 GMT
Content-Encoding
gzip
Age
2042
X-Cache
HIT
Connection
keep-alive
Content-Length
12129
x-amz-id-2
Fn779GNx3+meSafYpQf5OcddOIGN8Ul7hPS7XleSKtOLedVjszxuHz7MDxPV+nvpsXKuGXm87UU=
X-Served-By
cache-hhn4074-HHN
Last-Modified
Tue, 17 May 2022 11:34:31 GMT
Server
AmazonS3
X-Timer
S1652793931.183607,VS0,VE0
ETag
"3f5c37a6286fa9f178b070d95c83eaa9"
x-amz-request-id
WZC5GKTC3D16WXKJ
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
3
placement.js
cdn1.opstag.com/14130/ Frame 613D 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14130/placement.js?cb=1652793931172
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-62.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2083cd1e08892f16bdacb988d287c590a32e3aa131c2bdb56dd9c8e0bf93cb62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 13:50:16 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"84032e5ad77507999b9d99c44b7fd68b"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9035
x-amz-cf-id
Whhdr2pxUemCtp5hJI7HwvEkDktPOE3gtwEceINi-zBL3qqi7dNQvg==
ad
pubads.g.doubleclick.net/gampad/ Frame 7893
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14130-300x600-activefill-desktop-pixel&sz=1x1&t=&c=5755742761
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14130-300x600-activefill-desktop-pixel&sz=1x1&t=&c=5755742761&pre=1
42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14130-300x600-activefill-desktop-pixel&sz=1x1&t=&c=5755742761&pre=1
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,89799359/saltlaketribune/sltrib-14130-300x600-activefill-desktop-pixel&sz=1x1&t=&c=5755742761&pre=1
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ao
capi-tier-2-us-east-2.connatix.com/tr/ Frame 08BF 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 08BF 		321 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
78c984ba8c80a05b09fd1bbc943d529de2f36a3aaa0cb082448fd812bf6c945a

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
274
ps
capi-tier-2-us-east-2.connatix.com/tr/ Frame 08BF 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
1_th.jpg
img.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/ 		9 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d902484e0cf777726798bce7167c1a8e823dc89deeea924b075e7ca609f6b7da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
br
age
91483
etag
"SUzSECFrroqu4FhKH8pmyNsqk0ofFhWr0HVHro+3dgQ"
access-control-max-age
86400
fastly-io-info
ifsz=93987 idim=2560x1440 ifmt=jpeg ofsz=8714 odim=400x225 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
8288
pubads_impl_2022051201.js
securepubads.g.doubleclick.net/gpt/ Frame FFC3 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 12:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127621
x-xss-protection
0
last-modified
Thu, 12 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 May 2023 12:53:13 GMT
pubads_impl_2022051201.js
securepubads.g.doubleclick.net/gpt/ Frame 581D 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 12:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127621
x-xss-protection
0
last-modified
Thu, 12 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 May 2023 12:53:13 GMT
playlist.m3u8
vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/ Frame 08BF 		309 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/playlist.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/162633/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 17:29:21 GMT
age
91482
etag
"8a966507b13615ecdc1330a4bc9dcfe1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
164
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/ Frame 613D 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:31 GMT
Content-Encoding
gzip
Age
183
X-Cache
HIT
Connection
keep-alive
Content-Length
63033
x-amz-id-2
58gElluOuCwWBtEVPun3TWl7MgVlsRQz3OjExuyxVhjXkvGx9p2tDF60myK5rwiwhAHpcvEhI4c=
X-Served-By
cache-hhn4074-HHN
Last-Modified
Mon, 09 May 2022 15:39:37 GMT
Server
AmazonS3
X-Timer
S1652793931.258283,VS0,VE0
ETag
"ecf02ff527b0ed563b40adaa835278b3"
x-amz-request-id
9NBZ3EYC95NKAX8V
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
685
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame 8759 		634 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
162412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 16:18:39 GMT
expires
Mon, 15 May 2023 16:18:39 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 08BF 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 13:25:31 GMT
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame 624A 		634 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
162412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 16:18:39 GMT
expires
Mon, 15 May 2023 16:18:39 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame 99E6 		634 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
162412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 16:18:39 GMT
expires
Mon, 15 May 2023 16:18:39 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0.m3u8
vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/ Frame 08BF 		720 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/0.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/162633/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe4ac3d8e53e203a57f8cc79f2c58d6988e23a7fbb1dcb5c575aff43cba953c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 17:29:20 GMT
age
91482
etag
"6485b792a542bdc6992a9bdb0c9bd29e"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
282
insights.bin
ins.connatix.com/0f8784e3954b16cee6ef2b4150474051/ Frame BEF5 		252 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/0f8784e3954b16cee6ef2b4150474051/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f19ec18175b0631e9c5d0f2adf42f0fd7742019915f8e06b379ceb1500f13a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Sat, 12 Feb 2022 04:59:36 GMT
age
215424
etag
"cbd95329a638a293b4999bbc42855699"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
174
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4005 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 17 May 2022 14:21:09 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 72F0 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 17 May 2022 14:21:09 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2F89 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 17 May 2022 14:21:09 GMT
sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame BEF5 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:30 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame BEF5 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128852
x-xss-protection
0
expires
Tue, 17 May 2022 13:25:31 GMT
c552fd2d-7d8a-44b9-8a78-0d3a7bdd1d66.bin
vid.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ Frame BEF5 		2 KB
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/c552fd2d-7d8a-44b9-8a78-0d3a7bdd1d66.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b335094317c5104090170af33221a64064307b66db643f6a65154ed68ba4705d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
last-modified
Tue, 17 May 2022 02:55:53 GMT
age
37377
etag
"35b42adbaba48381b4c8869a788ec2bc"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
855
gpt.js
www.googletagservices.com/tag/js/ Frame 0CFB 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f5fce810a506822eedbf33946b50aac5c1898f3789343a7f3ca5008270ce0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28366
x-xss-protection
0
server
sffe
etag
"1217 / 527 of 1000 / last-modified: 1652785528"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 May 2022 13:25:31 GMT
0.mp4
vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/ Frame 08BF 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/162633/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41e3923f4d930aa1d58f18c785ba189e7944070656b0480532787d2447dc72d8

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-1361

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
last-modified
Fri, 16 Apr 2021 17:29:20 GMT
age
91065
etag
"98837544ae4968e732bc1b97df9727d0"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1361/6067007
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1362
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		77 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=vxCIN3E3cT&tbc=%7Bkpex%7DGmmCyT-gaBGEgTR7-yvifzjSOhiA8P8X7OD0Gbr26_a5pf0_vV9rLVpkglB9hydZ&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp2542
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
648e43a6922161bd259f3e15038eb15b68d62549fd30fa7c2397b75e369d7da6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray
70ccadf83a359950-FRA
date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-84-224
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
p3p
CP="NON DSP COR OUR IND"
server-time
0.005
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Cjy31crxnZB
trinity.json
apex.go.sonobi.com/ Frame FFC3 		94 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222acdbc648c3c9a%22%3A%224e59f9b672442ace0282%7C728x90%7Cgpid%3D%2F8570%2C89799359%2Fsaltlaketribune%2Fsltrib-14129-728x90-activefill-desktop%22%7D&ref=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=a56ddd22-32ba-493b-bc9b-32cd3402f46f&pv=b056ab2e-c9e9-4b77-a74d-6f02f66708ae&vp=mobile&lib_name=prebid&lib_v=6.8.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000027%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
2a1819580c8a8e33e0410a705d4f49c2be16f1dc3c632eb5dd075786d0f2cbe1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:31 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ Frame FFC3 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.sltrib.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ Frame FFC3 		94 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.8.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
8ca993abb5d57bffaa86b09d46cbc1e7832ba18aea38d860799b87fe9f0c8959

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 13:25:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
c
prebid.a-mo.net/a/ Frame FFC3 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:31 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
392
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame FFC3 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame FFC3 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2ca1198e3b2b27e0e1a962cb9d68a6c29f71a642e8b52fa315dfc47f2a66f784
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:31 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f3c5eddc-9620-4f52-86c8-7cc303bfa6f1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
os4m-d.openx.net/w/1.0/ Frame FFC3 		72 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5eee023e-bac9-44f4-9549-7b355b37607a&nocache=1652793931597&schain=1.0%2C1!yieldlift.com%2C2000027%2C1%2C%2C%2C&aus=728x90&divids=div-gpt-ad-2371410517890-0&aucs=&auid=545647200
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
c71dee73ece3b8be6d8e408458e1cf484ceb90134a62e180ac49cfe8b93b22fc

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame FFC3 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=261912&zone_id=2131224&size_id=2&rp_schain=1.0,1!yieldlift.com,2000027,1,,,&rf=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&tk_flint=pbjs_lite_v6.8.0&x_source.tid=5eee023e-bac9-44f4-9549-7b355b37607a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7716115463670765
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ff944a61bf770e8a7bbebf211c20bfa92bdbab8dd5a1f718368c34a8dc5e321b

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:31 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame FFC3 		37 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=700519&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2217850c9867515e6%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.8.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218020254644b483%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22700519%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000027%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e22f0d004d1688a80695e508bd665c621afb5110695b31dc06e28cb0a9cd2b04

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Tue, 17 May 2022 13:25:31 GMT
arj
os4m-d.openx.net/w/1.0/ Frame 581D 		73 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6f8e3561-58be-4d91-a454-807f7cee3e83&nocache=1652793931685&schain=1.0%2C1!yieldlift.com%2C2000027%2C1%2C%2C%2C&aus=728x90&divids=div-gpt-ad-2371410517890-0&aucs=&auid=545647200
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
bbcef88ae35c2f3863474b2f156d29ef99312800918bc06eb7dd811bb3ae504f

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 581D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ Frame 581D 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.sltrib.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ Frame 581D 		0
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:32 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
356
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ Frame 581D 		94 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.8.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
08632418af2bb40bfcf02cd9b4e47ad600d8c71d00362a5742d50a0f9dc19b8e

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 13:25:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
cygnus
htlb.casalemedia.com/ Frame 581D 		37 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=700519&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221187dd5727360e3%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.8.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212c5468b514f1e2%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22700519%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000027%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
78de39db1a19d3ff9647fccfc17fc8014f30f1f9cb6c2168180e36aaa4c60389

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Tue, 17 May 2022 13:25:31 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 581D 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
05039f413da1ad8b661cec7caf5e95148f064651130497eac9f528e9dbac5feb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:31 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0a374c5f-7a67-4f7e-8523-95a79b0ad8eb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 581D 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=261912&zone_id=2131224&size_id=2&rp_schain=1.0,1!yieldlift.com,2000027,1,,,&rf=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&tk_flint=pbjs_lite_v6.8.0&x_source.tid=6f8e3561-58be-4d91-a454-807f7cee3e83&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.34134613878315445
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
49d24c201a7d4ae4754309691655aca7c38b3d09dc6d7528e9201bbcfb4354b2

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:31 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 581D 		95 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221850fdb25beb1dd%22%3A%224e59f9b672442ace0282%7C728x90%7Cgpid%3D%2F8570%2C89799359%2Fsaltlaketribune%2Fsltrib-14129-728x90-activefill-desktop%22%7D&ref=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=46a36b63-44ae-4770-9997-8da7fcde8420&pv=487bd00b-112a-4073-943b-70e8d7b10ae8&vp=mobile&lib_name=prebid&lib_v=6.8.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000027%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
78a827f70fb77230a2c72f8b241e081ba3648013bc771fa46ec0a250238a9c72
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:31 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sltrib.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 17 May 2022 13:25:31 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1410
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 581D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=w5G1AnxWeWpDemhiaXppQTdmaU9YVkJrQXNQb1ppQ0hpVDA4NjJGeng2SG53YkFaNTA2bDcxYXUwc0g2aXBwaHpkUVMzVUNhQnlzMnVEZ2hRaGUzSkZaNWM0UEs2Uk5qN2d2WlJMVEZyM1JhMmZmbkxxdFdkOXlQZ05xb1...
344 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=w5G1AnxWeWpDemhiaXppQTdmaU9YVkJrQXNQb1ppQ0hpVDA4NjJGeng2SG53YkFaNTA2bDcxYXUwc0g2aXBwaHpkUVMzVUNhQnlzMnVEZ2hRaGUzSkZaNWM0UEs2Uk5qN2d2WlJMVEZyM1JhMmZmbkxxdFdkOXlQZ05xb1hwUnVUYkJYdnFic0RjV1ZNcGRtL3F6c29tTmVuaHZGbDhHV0Nqcy9EQTQ4T2U0cWtoc09wYXJRYThIaGxBYkFCWS9zL050Yko1d05JUVBxZkFCRWFHbHJ6WXFrUTIwdm9LVm1UU3RLQWdXSU9nNy83VmtrPXw&cppv=2
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f7d0101f4f881d80f8b7909ff57947d0cce8b0d55d6e7ea0b1f6ad2a560dd6c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2052
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
location
https://mug.criteo.com/sid?cpp=w5G1AnxWeWpDemhiaXppQTdmaU9YVkJrQXNQb1ppQ0hpVDA4NjJGeng2SG53YkFaNTA2bDcxYXUwc0g2aXBwaHpkUVMzVUNhQnlzMnVEZ2hRaGUzSkZaNWM0UEs2Uk5qN2d2WlJMVEZyM1JhMmZmbkxxdFdkOXlQZ05xb1hwUnVUYkJYdnFic0RjV1ZNcGRtL3F6c29tTmVuaHZGbDhHV0Nqcy9EQTQ4T2U0cWtoc09wYXJRYThIaGxBYkFCWS9zL050Yko1d05JUVBxZkFCRWFHbHJ6WXFrUTIwdm9LVm1UU3RLQWdXSU9nNy83VmtrPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1381
content-length
482
expires
0
0.mp4
vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/ Frame 08BF 		602 KB
602 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/162633/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
24a0611f0149e0679ad79ef2b954a1cc135f8c5c8fbfde51db874807a363bb44

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=1362-617921

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
last-modified
Fri, 16 Apr 2021 17:29:20 GMT
age
91065
etag
"98837544ae4968e732bc1b97df9727d0"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1362-617921/6067007
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
616560
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sltrib.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 17 May 2022 13:25:31 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1243
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame FFC3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=pRszknw2K2dQWGZmUHFVT3c1Q2lDTDZ3Nm5wNDQ3VStjRnlSUFV4cDNxdGFTdHp5MlU5ZE16dXFVQXhSQVp4RlV1OTlZb25ndjVyLytxYW1kYVUzUGJoV3dEc2hWc0VicXN0bXBRY3lOSW15Z0pjN2tTeGZaQ1VUcmJlWS...
337 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pRszknw2K2dQWGZmUHFVT3c1Q2lDTDZ3Nm5wNDQ3VStjRnlSUFV4cDNxdGFTdHp5MlU5ZE16dXFVQXhSQVp4RlV1OTlZb25ndjVyLytxYW1kYVUzUGJoV3dEc2hWc0VicXN0bXBRY3lOSW15Z0pjN2tTeGZaQ1VUcmJlWS9XYnRRK21tWDF3UExyamE4d0RRUEtnNTAyY2xjRlhSY0ZOQ2pFZlk0R1hubThxVnR0aEUvbUxjNnl3TTl3MjAvNldRcER6ZjFDaU91dXpLZVhtU2pDc2YvVHlNOWdlbkgyUmZIVzk0aXdrS09kbUZaQ3ZnPXw&cppv=2
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
07d849e5b48ac7b9052bd47262ac20c0e3cac5d8ad3cacd2bd9ee0b4a66d4606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2092
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
location
https://mug.criteo.com/sid?cpp=pRszknw2K2dQWGZmUHFVT3c1Q2lDTDZ3Nm5wNDQ3VStjRnlSUFV4cDNxdGFTdHp5MlU5ZE16dXFVQXhSQVp4RlV1OTlZb25ndjVyLytxYW1kYVUzUGJoV3dEc2hWc0VicXN0bXBRY3lOSW15Z0pjN2tTeGZaQ1VUcmJlWS9XYnRRK21tWDF3UExyamE4d0RRUEtnNTAyY2xjRlhSY0ZOQ2pFZlk0R1hubThxVnR0aEUvbUxjNnl3TTl3MjAvNldRcER6ZjFDaU91dXpLZVhtU2pDc2YvVHlNOWdlbkgyUmZIVzk0aXdrS09kbUZaQ3ZnPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1360
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ Frame 613D 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4851a7dc2b9f3b034271acc1beed8105403e004bd61d3a0c3cdb0165c8048826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28366
x-xss-protection
0
server
sffe
etag
"1217 / 392 of 1000 / last-modified: 1652785552"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 May 2022 13:25:31 GMT
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 08BF 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
ao
capi-tier-2-us-east-2.connatix.com/tr/ Frame BEF5 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame BEF5 		321 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e1b1bcbcc0cbe6898cdb66bcc93dfb2a9b0b0469d554e18e71594ad7c63f52c1

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
273
ps
capi-tier-2-us-east-2.connatix.com/tr/ Frame BEF5 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
55dc5fdc-3684-4c05-9fbd-567d1345f077.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		25 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/55dc5fdc-3684-4c05-9fbd-567d1345f077.jpg?crop=574:395,smart&width=574&height=395&format=jpeg&quality=60&fit=crop
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba2931934c2563d8594e776d80fbb2c1302ca0d41fcc5bd0cf2567c2aa2c18f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
br
age
37735
etag
"w92EsHI7B/jCRuJQua5fz0NDseqQIF3AcXx1q1yV0AQ"
access-control-max-age
86400
fastly-io-info
ifsz=102185 idim=1200x630 ifmt=jpeg ofsz=25134 odim=574x395 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
24737
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sltrib.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 17 May 2022 13:25:30 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1329
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 0CFB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=pt2OOXx0UGF2RjJXelVuRGdvekF0SUZKQlFORmxWaWVsWllXb1lvS3Y3WEhaRkhFR1JDbHJkVEdwS20xbU9iRGxGRmFqTlF5QWhDeHc5aGJZREcrQ1o1N3ByQW5kbmVObFJEdHVhSzcrRG5OWEgzcVQvWnBTSUVQQzBtZm...
347 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pt2OOXx0UGF2RjJXelVuRGdvekF0SUZKQlFORmxWaWVsWllXb1lvS3Y3WEhaRkhFR1JDbHJkVEdwS20xbU9iRGxGRmFqTlF5QWhDeHc5aGJZREcrQ1o1N3ByQW5kbmVObFJEdHVhSzcrRG5OWEgzcVQvWnBTSUVQQzBtZmJtam1UcHhrMG53NUZhV1lzOWpmTWZESDhtMTlYRVdtczIrNVpHVmZLSjJTVDU5TS96SGx4RUo0MmI3ODJ4cVphWnNlbDFmeXlFVXJ0L1M4cGwxZjVEaG1ERnhta1hPM1R4d1pTdlo4RGpCUk5CMEpPMUI0PXw&cppv=2
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d59f570178e02f5cf045d3a553fb08d8bb196f4a27101b4708647d0398903529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2438
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
location
https://mug.criteo.com/sid?cpp=pt2OOXx0UGF2RjJXelVuRGdvekF0SUZKQlFORmxWaWVsWllXb1lvS3Y3WEhaRkhFR1JDbHJkVEdwS20xbU9iRGxGRmFqTlF5QWhDeHc5aGJZREcrQ1o1N3ByQW5kbmVObFJEdHVhSzcrRG5OWEgzcVQvWnBTSUVQQzBtZmJtam1UcHhrMG53NUZhV1lzOWpmTWZESDhtMTlYRVdtczIrNVpHVmZLSjJTVDU5TS96SGx4RUo0MmI3ODJ4cVphWnNlbDFmeXlFVXJ0L1M4cGwxZjVEaG1ERnhta1hPM1R4d1pTdlo4RGpCUk5CMEpPMUI0PXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1285
content-length
482
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sltrib.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 17 May 2022 13:25:31 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1198
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 613D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ycZ0U3xKRkJRY0VUN0F0K21sWjdLVUQvTlF2WWVSR05aZDZrcFlyNlpMSFBPYXpYdVFtZ1NYVVNpeHYrc2drdHVDZEU5QndRQ3hRRFptY0U3b1BjZ0tQNzZPb0VkNUovM1dPZjhuVTROY2duZGJabzZYR0o2Yjcyckp6U1...
342 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ycZ0U3xKRkJRY0VUN0F0K21sWjdLVUQvTlF2WWVSR05aZDZrcFlyNlpMSFBPYXpYdVFtZ1NYVVNpeHYrc2drdHVDZEU5QndRQ3hRRFptY0U3b1BjZ0tQNzZPb0VkNUovM1dPZjhuVTROY2duZGJabzZYR0o2Yjcyckp6U1hxaFkwSEE0TkM1SHJ5WkxkRUVFbVlTYTNKUmtoQ0VPTzNRNHh4VFYweC92d2lOSkJzZTdjczB2a3NmN1I0VUdYaEtLbzh4WVFaUlpjeGZxTHpKNGRrcWdXUStSTVRnZ3RpM0FBUmJrbmV4SmN6LzV6M2RzPXw&cppv=2
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
1b4020ad05124908be8df282ab84bc10ce71348dc9829e3872d0f238d1d56570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2539
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:31 GMT
location
https://mug.criteo.com/sid?cpp=ycZ0U3xKRkJRY0VUN0F0K21sWjdLVUQvTlF2WWVSR05aZDZrcFlyNlpMSFBPYXpYdVFtZ1NYVVNpeHYrc2drdHVDZEU5QndRQ3hRRFptY0U3b1BjZ0tQNzZPb0VkNUovM1dPZjhuVTROY2duZGJabzZYR0o2Yjcyckp6U1hxaFkwSEE0TkM1SHJ5WkxkRUVFbVlTYTNKUmtoQ0VPTzNRNHh4VFYweC92d2lOSkJzZTdjczB2a3NmN1I0VUdYaEtLbzh4WVFaUlpjeGZxTHpKNGRrcWdXUStSTVRnZ3RpM0FBUmJrbmV4SmN6LzV6M2RzPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1323
content-length
482
expires
0
55dc5fdc-3684-4c05-9fbd-567d1345f077.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/55dc5fdc-3684-4c05-9fbd-567d1345f077.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b38139b07f628a5d6288c203b27cf3801e90cc26a88845f3f12ed427f35cd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
br
age
37736
etag
"bTTnDm9dLDhSmbaf8a3yNJ9tWaNyq+Oj2EGvo7JnQIs"
access-control-max-age
86400
fastly-io-info
ifsz=102185 idim=1200x630 ifmt=jpeg ofsz=21654 odim=574x323 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
21264
2c0ef076-3eec-455d-9dbd-0c71fe0a448c.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/2c0ef076-3eec-455d-9dbd-0c71fe0a448c.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d7132fc882688607c74307493f0326b4b3cbf75d94d69cb0a1b4015ffbb7d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
br
age
37736
etag
"ENQrzMUUgnew3dlrQt030k87T52bs1eH88aZY5nM8LQ"
access-control-max-age
86400
fastly-io-info
ifsz=122547 idim=1200x630 ifmt=jpeg ofsz=25925 odim=574x323 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
25569
f9ed3223-ef73-4e07-81a1-fbde930c1809.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/f9ed3223-ef73-4e07-81a1-fbde930c1809.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
337de92eee3ee1dc8a0d0bfd8c7f627d71a3ae4b9c2b19ac0ff8eb5fee59fc66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
br
age
37735
etag
"KETc+LNZ1i6fSV9gre21jWeWsbnozWQGAqYfpGPT0Zo"
access-control-max-age
86400
fastly-io-info
ifsz=83633 idim=1200x630 ifmt=jpeg ofsz=13687 odim=574x323 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
13315
3117dd79-6ffc-45c9-b793-cf17cd6990b6.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/3117dd79-6ffc-45c9-b793-cf17cd6990b6.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79660607c79b54f8f85a8306a0bd01dddc0fff67ca1268593b884838e93b9f18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
br
age
37735
etag
"k9p3VSxpCHHwMSXug8HEN6I4zfDoP617GafbY8TnKV4"
access-control-max-age
86400
fastly-io-info
ifsz=165596 idim=1200x630 ifmt=jpeg ofsz=28096 odim=574x323 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
27759
3e55a5e3-3b23-425d-b6f1-f73817268d36.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		27 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/3e55a5e3-3b23-425d-b6f1-f73817268d36.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e830075c18978e767ad0edadf6d00767105d90462c1de8bf53f9e8aec16d31ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
br
age
37736
etag
"03jsaGrYqu/mrnwXDX2u0VB9K2ljIu9qUq9BJAmXAHg"
access-control-max-age
86400
fastly-io-info
ifsz=122643 idim=1200x630 ifmt=jpeg ofsz=27280 odim=574x323 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
26310
/
id.sltrib.com/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sltrib.com/?maxAge=2628000
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
strict-transport-security
max-age=86400; includeSubDomains
cf-ray
70ccadfb2dc49963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame BBB4 		634 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
162412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 16:18:39 GMT
expires
Mon, 15 May 2023 16:18:39 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame BEF5 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 13:25:31 GMT
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame B31B 		634 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
162412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 16:18:39 GMT
expires
Mon, 15 May 2023 16:18:39 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.516.0_en.html
imasdk.googleapis.com/js/core/ Frame C2C6 		634 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
162412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210041
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 16:18:39 GMT
expires
Mon, 15 May 2023 16:18:39 GMT
last-modified
Tue, 10 May 2022 20:24:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022051201.js
securepubads.g.doubleclick.net/gpt/ Frame 0CFB 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 12:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127621
x-xss-protection
0
last-modified
Thu, 12 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 May 2023 12:53:13 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pRszknw2K2dQWGZmUHFVT3c1Q2lDTDZ3Nm5wNDQ3VStjRnlSUFV4cDNxdGFTdHp5MlU5ZE16dXFVQXhSQVp4RlV1OTlZb25ndjVyLytxYW1kYVUzUGJoV3dEc2hWc0VicXN0bXBRY3lOSW15Z0pjN2tTeGZaQ1VUcmJlWS9XYnRRK21tWDF3UExyamE4d0RRUEtnNTAyY2xjRlhSY0ZOQ2pFZlk0R1hubThxVnR0aEUvbUxjNnl3TTl3MjAvNldRcER6ZjFDaU91dXpLZVhtU2pDc2YvVHlNOWdlbkgyUmZIVzk0aXdrS09kbUZaQ3ZnPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 17 May 2022 13:25:31 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1166
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pt2OOXx0UGF2RjJXelVuRGdvekF0SUZKQlFORmxWaWVsWllXb1lvS3Y3WEhaRkhFR1JDbHJkVEdwS20xbU9iRGxGRmFqTlF5QWhDeHc5aGJZREcrQ1o1N3ByQW5kbmVObFJEdHVhSzcrRG5OWEgzcVQvWnBTSUVQQzBtZmJtam1UcHhrMG53NUZhV1lzOWpmTWZESDhtMTlYRVdtczIrNVpHVmZLSjJTVDU5TS96SGx4RUo0MmI3ODJ4cVphWnNlbDFmeXlFVXJ0L1M4cGwxZjVEaG1ERnhta1hPM1R4d1pTdlo4RGpCUk5CMEpPMUI0PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 17 May 2022 13:25:32 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1198
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ycZ0U3xKRkJRY0VUN0F0K21sWjdLVUQvTlF2WWVSR05aZDZrcFlyNlpMSFBPYXpYdVFtZ1NYVVNpeHYrc2drdHVDZEU5QndRQ3hRRFptY0U3b1BjZ0tQNzZPb0VkNUovM1dPZjhuVTROY2duZGJabzZYR0o2Yjcyckp6U1hxaFkwSEE0TkM1SHJ5WkxkRUVFbVlTYTNKUmtoQ0VPTzNRNHh4VFYweC92d2lOSkJzZTdjczB2a3NmN1I0VUdYaEtLbzh4WVFaUlpjeGZxTHpKNGRrcWdXUStSTVRnZ3RpM0FBUmJrbmV4SmN6LzV6M2RzPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 17 May 2022 13:25:31 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1176
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=w5G1AnxWeWpDemhiaXppQTdmaU9YVkJrQXNQb1ppQ0hpVDA4NjJGeng2SG53YkFaNTA2bDcxYXUwc0g2aXBwaHpkUVMzVUNhQnlzMnVEZ2hRaGUzSkZaNWM0UEs2Uk5qN2d2WlJMVEZyM1JhMmZmbkxxdFdkOXlQZ05xb1hwUnVUYkJYdnFic0RjV1ZNcGRtL3F6c29tTmVuaHZGbDhHV0Nqcy9EQTQ4T2U0cWtoc09wYXJRYThIaGxBYkFCWS9zL050Yko1d05JUVBxZkFCRWFHbHJ6WXFrUTIwdm9LVm1UU3RLQWdXSU9nNy83VmtrPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 17 May 2022 13:25:32 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1107
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EE8E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 17 May 2022 14:21:09 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 80BA 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 17 May 2022 14:21:09 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D24F 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 17 May 2022 14:21:09 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1861219499&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ul=en-us&de=UTF-8&dt=Richest%20Utah%20native%20vows%20to%20give%20away%2090%25%20of%20his%20billions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showOffer&ea=%20offerId_OFB02CG2O32L____templateId_OTB63GH3ELLS____aid_vxCIN3E3cT&el=Show%20offer%20offerId%3AOFB02CG2O32L%20templateId%3AOTB63GH3ELLS%20aid%3AvxCIN3E3cT&_u=aODAAEABAAAAAC~&jid=987852202&gjid=1857568786&cid=1494881405.1652793928&tid=UA-26935592-1&_gid=1643013943.1652793928&_r=1&z=72037770
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022051201.js
securepubads.g.doubleclick.net/gpt/ Frame 613D 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js?cb=31067626
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 10:34:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127621
x-xss-protection
0
last-modified
Thu, 12 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 16 May 2023 10:34:55 GMT
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame BEF5 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:31 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
analytics.js
www.google-analytics.com/ Frame 2966 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3984
date
Tue, 17 May 2022 12:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 17 May 2022 14:19:08 GMT
26f98415-97d1-4896-8f20-538c5220a80c
https://www.sltrib.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/26f98415-97d1-4896-8f20-538c5220a80c
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-26935592-1&cid=1494881405.1652793928&jid=987852202&gjid=1857568786&_gid=1643013943.1652793928&_u=aODAAEABAAAAAC~&z=1126209838
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 17 May 2022 13:25:32 GMT
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 43B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss36a0rCT_snlaHFGC3lNPgdNnAEDgj05IX-fuAFjNmNU8YFYBzgbyP4-HwaxchVl1MkK_cL0xyC532_Xi11vdeV7oaZHrP8MB3MHx0BmHVUxfVMT05VB60DKfBkLxPMMAi28pOEY7c3OsvLppPdwO4m3WxZ5UNxh1Ds7SF_psvNym1O_vTu5roVeYH80YUp1l68kYgLEliCOlqaZkwC1TlJJxC63msEuKKrTiFbnCY39OeVcNA2H4CqOe679Zc03DEU5YOE6j6rEsUMqoc-gXp7mSHPdx7BYZb__qdb4Nv13G5BevOO0nWQmEj72BddIPNur_NlYarFuI&sig=Cg0ArKJSzDxLKH0fbWhDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 17 May 2022 13:25:32 GMT
truncated
/ Frame 43B3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eac89fef3e543f077daf2726217c21fca3906bdcef9bcfc874a3b86b9ae50c9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 7893 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmY1wlIUf6nnvb_UNBh5xXXZgiXdca32TzSRi4rxWwpmo4ZlCSSonj01QP_W2nRf8DndBSt05oBtgN73s4KQghDJEXnGeiOs9WXGbA85Q-L7D9ZBO-30ERN3jaawvXsHBwbZXqGQGNdag2Obsmkj_S3NlWfOJTLrZ_tNPLH1GQ2QwxbJiV7vUN4HhN_RkxcATqcDceseV231g9YCeCoEgyml6QtpsxsvanfGfb3pytDsHvee70yqZPUiL4Njg7aaNF0SbhvqFQ5eiBjxrHA1PFEzK43f6NbNOSDvWB_Nosgr7Rtu-6C4jvv9GhOFonOQs6gEPUoz9cX78&sig=Cg0ArKJSzAFH3hIge_egEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 17 May 2022 13:25:32 GMT
truncated
/ Frame 7893 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3197c2f53a5e358304712770a37c2765d1ebe08e55afb8375c6328ef4e395d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B642 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAhQxbBSb9ry6hYlWR15xrb8o2lZbwViyFpsHHf9E5HJ_cgoXkeUa0mYx1XzMd-2GGqt1rbxwR9BoGNC2Sc3GV6piK4sXUxMJKl78yZMsecLb72GI_xtWNsXACtArIZn8osgr4a2bByDN0oNfDNHvU0EtiH0ghOZ6ayrhwfu_PekEZWBcqO8NPvVdP6vPt8Ou7ChhZ771C7TTGJLdhLVpUFE5KevrD5opPwN9LYFty8hWUlHLSCAJCLoFqto5cGSG73XcD4XSo-OACsVtkZOGwRHBxIpVvwHSEYHXQsvfkd2fwktI5kLg5RXC7-US_e-10SReClDbqUX4&sig=Cg0ArKJSzFKHVIlG49XZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 17 May 2022 13:25:32 GMT
truncated
/ Frame B642 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18006e8ce2321556f27bdec7992107edaeaf14027b0d031873a3aec1ad703421

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 46D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_Fu5ORdjImOS7GbQ6HvL1FujpazlilHi9yodwjd6Zea8j4rSLijc0a5c1lO2Sz74YQIOzZLJqCIigZm14t1u-8DifzMfhRSGgy4JuDnQIDmsPQ2NVqzrsbmrOc1Pn5HEyWuPJz9v0Kd2uZwiPD5Qu0tU9_4mpMqkFTvzuWLLiVhGSZlZ92LwWNio30zbKVqU7GHCxUck-CSITQ-wjAq55oElslIfbHRkpOUtUsSzhKYyaKXWuuoX8jjqG7UK9u32C4vZuNdmBTdd5-No3PyRNLXV9jsRlxYzdc-e8Vq4EgbAGH1cInhQXZ3MtpLEHqc99AL4335_KINk&sig=Cg0ArKJSzDJuWREQC3MuEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 17 May 2022 13:25:32 GMT
truncated
/ Frame 46D2 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56906ec51dea6b7380781f28ef2574e88969b2c67cbfe44dbc3753cdb58442ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26935592-1&cid=1494881405.1652793928&jid=987852202&_u=aODAAEABAAAAAC~&z=763898112
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26935592-1&cid=1494881405.1652793928&jid=987852202&_u=aODAAEABAAAAAC~&z=763898112
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
prebid.a-mo.net/a/ Frame 0CFB 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:32 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
258
vary
origin, Accept-Encoding
cygnus
htlb.casalemedia.com/ Frame 0CFB 		36 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=700519&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223c24d788532c08%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.8.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224e9b6ba35cdce3%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22700519%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000027%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1f0fe80009a01f223e7b8b9a4323f3b7987c8e4cd6b250031eb3b358aab9371f

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:32 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 13:25:32 GMT
translator
hbopenbid.pubmatic.com/ Frame 0CFB 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
os4m-d.openx.net/w/1.0/ Frame 0CFB 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=60dcb68b-81b7-4b3c-9000-210c2ad94be9&nocache=1652793932433&pubcid=5127c063-3a13-46e8-adb5-e612903fc64c&schain=1.0%2C1!yieldlift.com%2C2000027%2C1%2C%2C%2C&aus=728x90&divids=div-gpt-ad-2371410517890-0&aucs=&auid=545647200
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e7a76e6a18f5731e86e4ca1311256e8d1f46cfbeb9c07fc41db096313168398e

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 0CFB 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
877aaa23a4ad9234fb7466411cb2da4e155d3ead933bc0e64dfd7097b9faf94f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 13:25:32 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7738b366-d64a-4b2a-a6d1-8d236c4bd445
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 0CFB 		94 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.8.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
80f1a4f56e007eea4b548725a662a618675d06325fa2cb74f761023303dd2a35

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 13:25:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0CFB 		240 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=261912&zone_id=2131224&size_id=2&rp_schain=1.0,1!yieldlift.com,2000027,1,,,&rf=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&tk_flint=pbjs_lite_v6.8.0&x_source.tid=60dcb68b-81b7-4b3c-9000-210c2ad94be9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.09874940289434386
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2e6e6d3373f51dec53dc3af3fac9a723926e8db2bb737323bf54b48f8ff750f2

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:32 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ Frame 0CFB 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.sltrib.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
trinity.json
apex.go.sonobi.com/ Frame 0CFB 		95 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22188bc059281b49d%22%3A%224e59f9b672442ace0282%7C728x90%7Cgpid%3D%2F8570%2C89799359%2Fsaltlaketribune%2Fsltrib-14129-728x90-activefill-desktop%22%7D&ref=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=8b2d0723-a286-4530-baed-6ff83a103032&pv=822b2aa1-413a-4d90-a3a3-32a3c85ffca9&vp=mobile&lib_name=prebid&lib_v=6.8.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000027%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%225127c063-3a13-46e8-adb5-e612903fc64c%22%7D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
7ac70197a254546d1b2db193ab647a5306d053b760e007032cb629ce44d799ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:32 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ Frame 613D 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.sltrib.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ Frame 613D 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:32 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
270
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 613D 		241 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=261912&zone_id=2131226&size_id=10&rp_schain=1.0,1!yieldlift.com,2000027,1,,,&eid_pubcid.org=5127c063-3a13-46e8-adb5-e612903fc64c%5E1&rf=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&tk_flint=pbjs_lite_v6.8.0&x_source.tid=c48effbe-78c9-4237-bf34-cd9d43713126&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08352410357470874
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8e1f4f2c18a58e56a36f6512b2a7d0593de0608c82ae7f8cd2f63d82396bca38

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:32 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 613D 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
51e828bc578ff545411903bb74163dd40d80b8f4b8bb1c957d073f629f1d43e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:32 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f5f77ba0-a7e4-4c2a-92fc-a91a54cff4f8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 613D 		94 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.8.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
5cae7368b288d75e26f2368ba75b43962fa19df639755766ca2d491397f2f38e

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 13:25:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
trinity.json
apex.go.sonobi.com/ Frame 613D 		95 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22125f1dc4312bb9b%22%3A%228b3a5ea57ab3646abbbd%7C300x600%7Cgpid%3D%2F8570%2C89799359%2Fsaltlaketribune%2Fsltrib-14130-300x600-activefill-desktop%22%7D&ref=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=06315346-f526-4e16-828a-aa8c65fcd8b6&pv=ac5360f6-5cd1-4a74-9ac5-95835147c86f&vp=mobile&lib_name=prebid&lib_v=6.8.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000027%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%225127c063-3a13-46e8-adb5-e612903fc64c%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225127c063-3a13-46e8-adb5-e612903fc64c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
0b32d1f7751a3dac2a1bf5b2cce419242d1426d128a39df493c4bbfe81a70579
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:32 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
arj
os4m-d.openx.net/w/1.0/ Frame 613D 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c48effbe-78c9-4237-bf34-cd9d43713126&nocache=1652793932504&pubcid=5127c063-3a13-46e8-adb5-e612903fc64c&schain=1.0%2C1!yieldlift.com%2C2000027%2C1%2C%2C%2C&aus=300x600&divids=div-gpt-ad-2691737406881-0&aucs=&auid=545647201
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
d9df2d7dc53654d1a0d153355fba415f8fcd6fcb35e3dbb79c634110dfaaed8d

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 613D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 613D 		37 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=700520&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22176233ec73e90a7%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.8.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221881f1b2938d83c%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22700520%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000027%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225127c063-3a13-46e8-adb5-e612903fc64c%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5a22f460825a8911b55b0856fd4e2cf0e378621a55dbd6f69b4bf4af3e31ae83

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:32 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.28], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Tue, 17 May 2022 13:25:32 GMT
integrator.js
adservice.google.de/adsid/ Frame FFC3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FFC3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FFC3 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3209455519882662&correlator=3303109373388488&eid=31061167&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=8570%3A89799359%2Csaltlaketribune%2Csltrib-14129-728x90-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=2597643340&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=rfsh%3D1%26rfshtime%3D9&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1652793932523&lmt=1652793932&dlt=1652793930546&idt=913&biw=1600&bih=1200&isw=728&ish=90&adxs=436&adys=16&ucis=o4t77j3ca3tp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ref=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&top=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=260&ohw=728&ea=0&ga_vid=1494881405.1652793928&ga_sid=1652793933&ga_hid=1346856444&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
47e8ddb626a8043f3cf03cb46b4dea49075c693484f5899822656bc4d00ebe1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12138
x-xss-protection
0
google-lineitem-id
5071160298
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296811092
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FFC3 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
115c8e44a715762f9234bc80a8037b8dbb5d6ac4345d9905581c1a946bdff866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10411
x-xss-protection
0
container.html
f42ba5b851365cd3b94302d5042bf5f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9AC9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f42ba5b851365cd3b94302d5042bf5f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:32 GMT
expires
Wed, 17 May 2023 13:25:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0.mp4
vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/ Frame 08BF 		645 KB
645 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53d1a0d1-fece-47a0-a31f-3b974da78e6f/60764267-557e-410f-85cb-f102d92ee134/56cd03ca-2ab2-4921-b563-8d73cc0999db/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/162633/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8bc130731976b5d913d5acc8bf28bbfd6114998bf4215f4b52c45aa599ec97b6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=617922-1278328

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
last-modified
Fri, 16 Apr 2021 17:29:20 GMT
age
91066
etag
"98837544ae4968e732bc1b97df9727d0"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 617922-1278328/6067007
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
660407
integrator.js
adservice.google.de/adsid/ Frame 581D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 581D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 581D 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1834684928795533&correlator=3916134997919077&eid=31067418%2C31064018&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=8570%3A89799359%2Csaltlaketribune%2Csltrib-14129-728x90-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=2597643340&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=rfsh%3D1%26rfshtime%3D9&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1652793932588&lmt=1652793932&dlt=1652793930557&idt=931&biw=1600&bih=1200&isw=728&ish=90&adxs=141&adys=1707&ucis=f82cwysjbh9i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ref=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&top=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=260&ohw=728&ea=0&ga_vid=1494881405.1652793928&ga_sid=1652793933&ga_hid=1230829930&ga_fc=true&btvi=1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
aa54fe5362322d80647ac687671ad01fe1e2424ae65749dda5d5bbf2a2810cac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12100
x-xss-protection
0
google-lineitem-id
5071160298
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296811092
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 581D 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc14648f3b64b2be656327d5e789668718cf765a00edce493f344dc7078361ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10664
x-xss-protection
0
container.html
ab39ef3ae26ed11d28281cd0aec9818b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 85EE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ab39ef3ae26ed11d28281cd0aec9818b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:32 GMT
expires
Wed, 17 May 2023 13:25:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FFC3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 13:25:32 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 581D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 13:25:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c85a2b364480e5db9371f4173d69fba81a772ed2fd5d68e845c2cd994f1da462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10601
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B48 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 12:50:12 GMT
expires
Wed, 17 May 2023 12:50:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 013B 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3833acbf9657d481c9cb8de56cc1b9bf92c69564b0d8ef01239e0927550f5db8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MnB-9gHb9V1SOyG-xGDdaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-MnB-9gHb9V1SOyG-xGDdaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:32 GMT
expires
Tue, 17 May 2022 13:25:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 92A7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 12:50:12 GMT
expires
Wed, 17 May 2023 12:50:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A09B 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c7cea731166b7048c9a3328519c5748d090b2715befacfb9e3564992a42d99fb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7y0RCS5uetoYZygnclQxRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-7y0RCS5uetoYZygnclQxRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:32 GMT
expires
Tue, 17 May 2022 13:25:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 013B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=3209455519882662&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 80E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslgWqVfVuc0Ab3vnGDts8YGFsOEO0U0uC4vsKtpJHgCcriyo8qNi2zs0eV9BRlG_61A2mXmJ9TYi2S7Mw44MaLVz6V0XJi0PkZC8jXgzp-7lGhdWLQuBGqE0TyKza9gNbg-xxxRVj0mftaiHxOKmp2RE8Nyu1L4UKiaUQCALNYzc4AdoSq1k-jRx19gZChJ7nGpGr1i1Xy5Qh8FkZZfEpIKpsYF6VDkirms10ogEQEox3VLpKIhnsRqQKnh3xlwPVOxXbbpHgguWuP0uKhgDGV-hG_Fx2BLisYNNJdCbRgrW752CVcZiDk2_OhrkrL0y92KxThIQ9rc46O11ELxsgWgbvo4u9gv4kw4Sg&sig=Cg0ArKJSzHz_58ziLF8yEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 80E3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:23:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 13:23:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 80E3 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 13:25:32 GMT
3083443360271152484
tpc.googlesyndication.com/simgad/ Frame 80E3 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3083443360271152484
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e299ebc7e9d8ba28f03e84211b2cfb5d292eb455c0bc310522934894a8adc3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 20:31:14 GMT
x-content-type-options
nosniff
age
579258
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16907
x-xss-protection
0
last-modified
Thu, 05 Dec 2019 18:43:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 10 May 2023 20:31:14 GMT
l
www.google.com/ads/measurement/ Frame 80E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTTTx143e-EkRD5BFDDTvPVrf_L2rRllgkloH_Gign8ri5xML4lSg07918tK0iLt-tO0MgGKIZ6E0iP4X53M9ZEC7LFA
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
truncated
/ Frame 80E3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ab1a066ef87014962593021fbbfacc9448b804a390c9b4a566371df8d536148

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 0CFB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0CFB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0CFB 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1870961346213497&correlator=2120893076767945&eid=31067383&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=8570%3A89799359%2Csaltlaketribune%2Csltrib-14129-728x90-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=2597643340&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D20525ca9bcd7374%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D20525ca9bcd7374%26hb_bidder%3Dappnexus%26rfsh%3D1%26rfshtime%3D9&eri=1&sc=1&cookie=ID%3D7df1192b992c8577%3AT%3D1652793932%3AS%3DALNI_MYzcCb4FWiaYGYtGnfmRHXhzCys1g&gpic=UID%3D00000661a8276196%3AT%3D1652793932%3ART%3D1652793932%3AS%3DALNI_Mar9Y3ETBMBuSILUvneZ3xBNX3B2g&abxe=1&dt=1652793932830&lmt=1652793932&dlt=1652793930889&idt=1408&biw=1600&bih=1200&isw=728&ish=90&adxs=141&adys=2423&ucis=tgxn8y2m96b7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ref=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&top=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=260&ohw=728&ea=0&ga_vid=1494881405.1652793928&ga_sid=1652793933&ga_hid=1992226603&ga_fc=true&btvi=1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2b3136fc110394fdd71c97a4df78c9e0e122180153ab031c05b729d40501c8a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8662
x-xss-protection
0
google-lineitem-id
4924611118
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138257536831
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0CFB 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52b5743e5facf3244e56c37fecbf982d813c9e8383ac3db9478c05d09d826074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10651
x-xss-protection
0
container.html
a9057ce09a310b0512d074bcdf55f261.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 10A2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a9057ce09a310b0512d074bcdf55f261.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:32 GMT
expires
Wed, 17 May 2023 13:25:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 65CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOmseO_RaHHfrizBKo_lhpv0lqeFqTnf9kqMj1qZ0DiwhAbDoWnx3TGu6olQOC1a6NgU9OIXQsXG_MTznr7Dp9t0BQJdVqyWYTx53MinajP-sCYL0q7nuazkfQKUpeEwrGcdGYZkV07kzU_4n9ZIhivJJKaAcJ7d90FPgPLx3lJ6calf0pUZpjkDb2N1tnnZjauP1m6RDrB4nihLghCEWzxIPGDIxo16zdU9JsB1lxQepNyZpjD4FBRR1Eqx4pdZTigZbonKA7uMcRVKAZGvimRRFCE0Golb8pcgFgEPiv1PVRMMitBkzy1mCuliEjcWHyIa3oXzDVBsDGNXP-Gk0coL0I-OA-suh8YcE&sig=Cg0ArKJSzCXPDI5misIwEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
3083443360271152484
tpc.googlesyndication.com/simgad/ Frame 65CE 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3083443360271152484
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e299ebc7e9d8ba28f03e84211b2cfb5d292eb455c0bc310522934894a8adc3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 20:31:14 GMT
x-content-type-options
nosniff
age
579258
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16907
x-xss-protection
0
last-modified
Thu, 05 Dec 2019 18:43:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 10 May 2023 20:31:14 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 65CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:23:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 13:23:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 65CE 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 13:25:32 GMT
l
www.google.com/ads/measurement/ Frame 65CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShWJt1JXN30UqLd1WgJHpXaPm5xBdVITFkmoyYhYAbIcR2Y8e9e6zO6GA_It3IZSEifdZtu5rDsY71YYf3yvQPVilWiw
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
truncated
/ Frame 65CE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34ecca9420b47088adc9cebd95b79c0883d9907d6ca50476810b9663453e45f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 80E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssogkJGhyg-SKhtX9w9VKx43gP30n-Xk3ogIMrxDF1QEL1R3bRNCiZ95m70BFAD3t3aCb2rcDOmG5h0VLbchPhX_FUYLDeX2NZFXv8H30B2QhTAERHG2akasLFgv_4xFIG371IDSjEPIhLXra6jNN_DxjSyb8RMkhgEK1EL5O1RcLSac-ht1wlB50us2hb2QW2_q3_O5BpJSYCpa9RKsPMzEayBIbzusMjMQa8o9Hj-fk3cwJVqyteMhOeMy7rdYi7ECU2_voFa14zZQxXJUMQfLa86dR08bk7d5rxZ5nSnVjLaykuls071QCurVRqKyOqPW5eJTSU4xJm9TwtYZzf_QE8S6y0Ld0xVquRRRw&sig=Cg0ArKJSzB7m09PSsAvmEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 17 May 2022 13:25:32 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0CFB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 13:25:32 GMT
integrator.js
adservice.google.de/adsid/ Frame 613D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js?cb=31067626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 613D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js?cb=31067626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 613D 		43 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948261262765462&correlator=2379921450445279&eid=31067626%2C31060888%2C21065724%2C31067418%2C31067525&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=8570%3A89799359%2Csaltlaketribune%2Csltrib-14130-300x600-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=1&adks=3117145556&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=rfsh%3D1%26rfshtime%3D9&eri=1&sc=1&cookie=ID%3D33f411bc0ab0df7d%3AT%3D1652793932%3AS%3DALNI_Mb7rCMgFyeT62FSY3b22jX6zESppQ&gpic=UID%3D00000661a9c9df63%3AT%3D1652793932%3ART%3D1652793932%3AS%3DALNI_Maj1Euu5EDAeCvoVuSFNVVQcIer1w&abxe=1&dt=1652793932921&lmt=1652793932&dlt=1652793931165&idt=1283&biw=1600&bih=1200&isw=300&ish=600&adxs=981&adys=249&ucis=xpfjrrfcz0jw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ref=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&top=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=260&ohw=300&ea=0&ga_vid=1494881405.1652793928&ga_sid=1652793933&ga_hid=867700045&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js?cb=31067626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
002b5234a3dfe3d86b298cfabb8e606c9e0f1afc81ae01738eef694a96658cb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10675
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 613D 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js?cb=31067626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9212c4fbf0bf6bd00cf75b342a13e35d3cc6e28a3d1c75531ca3d2837432c1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10677
x-xss-protection
0
container.html
037b897051a5461837b5448e268cb815.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6476 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://037b897051a5461837b5448e268cb815.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js?cb=31067626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:32 GMT
expires
Wed, 17 May 2023 13:25:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
pagead2.googlesyndication.com/bg/ Frame 8B48 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 19:41:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
63820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 19:41:52 GMT
6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
pagead2.googlesyndication.com/bg/ Frame 92A7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 19:41:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
63820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 19:41:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A09B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=1834684928795533&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 65CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsxjVp5czKLTMA-ynyMY6nKbgrDSirA2efSVpRG-Noy_sRMObkfWyKi2jQ6If7N1rna4JpFsU4PVBxEXEt3GfzBWUEpX3Qf8CUEfJJcWHfJ0gPDqSLS4RJrusS-0chTBh-kXSxwbBdlOVy6b0c5ykPBW-U1y_P4C9PCqczJzv61D2EbeUeKlmawRFMxOat_-KuuL1ABYyQDaJq3HFSIfGjsHMf7t9enCDCMJRVpRcetxyKDwXo8cFJuycxhbWzuE-F3As1aMg0nKGgCCO3VtVO1yN9yo4cvOxF1AXE4wng_6T8o-889QWBx4DfRgefXVzVYigNXOmAbF6VgaNZyHtW4LvRPxpWBI9ibEHfcg&sig=Cg0ArKJSzLkdhTP9qEfBEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 17 May 2022 13:25:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2323 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 12:50:12 GMT
expires
Wed, 17 May 2023 12:50:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8A7B 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2b4c81a64a48fe07656332d8a9d8ccf614903ce00bf1e39e9579362e04c8bd0e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8NmkBHwi4qYMJ_8zP8podw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-8NmkBHwi4qYMJ_8zP8podw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:32 GMT
expires
Tue, 17 May 2022 13:25:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 613D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js?cb=31067626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 13:25:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8A68 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmxVWGhWPPEGOUy4bu5VY5XOVqOs2YbNsFvGddVaw-Pouy9XFqwyDPa8Slz3Qr5BfxQz264eDL3_GmyPlqurYWqDVTOq0J7mbKHErYpNiLoOej6ihizsD2TiUKndXgIKeIqDnhTH7B3Q37KLPfh-vG9KdwC1P0340ObLvQAwDwntP7EfurXhA0qFzLg-mUVjQhzqAtc2jL_o0KVzjOE0b2ketyYmi8_eMaiiS8PNtTVnTeYiFei5MyS6lP2o4ie7yi5RpNeOfA-RZjR0krAZbs6WlH4FyhvtGVXUVLs-_5kxxdt0F6cGKvDv186K4lZHx7ZNogxqSXT0qiWreTUe-gP7KrzXBZjBgeCynfcg&sig=Cg0ArKJSzL3XLPCk_BkYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
75d02d930b.html
tm.ad-srv.net/tm/a/container/html/ Frame 8A68 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=044454bea6&click=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FE9pyLsVVpT8C5ftR8O6aPwAAAOB6FBBAAuX7UfDumj8S2nIuxVWlP7s_2_BQlSMepmJTGPVC5UJMooNiAAAAABNhUgGLIAAASicAAAIAAAANft4Mea8lAAAAAABVU0QAVVNEANgCWgCQxwAAAAABAQUCAAAAANgAIiZETQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521pxZidwjFiI0TEI38-WYY-d6WASAAKAAxexSuR-F6pD86CUFNUzE6Mzk5OUCrLkksK01KQbfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMTozOTk5%2Fbn%3D77225%2Fclickenc%3D&eVS=8331&eVR=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&rnd=1723021431
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.45.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.45.251.148.clients.your-server.de
Software
nginx /
Resource Hash
4c5c37f9da27f0fe5bcb0ea7f8582d754e7e6333dc53c692ad0e2d3a11940158

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:33 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=utf-8
Expires
0
trk.js
cdn.adnxs.com/v/s/224/ Frame 8A68 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:33 GMT
Content-Encoding
gzip
Age
7100821
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21964-LGA, cache-hhn4075-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652793933.182000,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1526399, 125224
it
ams1-ib.adnxs.com/ Frame 8A68 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sltrib.com%252Fnews%252F2021%252F11%252F16%252Frichest-utah-native-vows%252F&e=wqT_3QLdCvBMXQUAAAMA1gAFAQjMxI6UBhC7_-yGj6rlkR4YpsXNwtHe0PJCKjYJE9pyLsVVpT8RAuX7UfDumj8ZAAAA4HoUEEAhAuX7UfDumj8pEtoJJAAxARvAo3DNPzCTwskKOItBQMpOSAJQjfz5Zlj53pYBYABokI-zAXip2wSAAQGKAQNVU0SSAQEG8FWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCA0NTI1MzYyLCAxNjUyNzkzOTMyKTt1ZignaScsIDQxMjYxNjksIDE2NTIdADBnJywgMTE0OTM4ODcsQjsAMHInLCAyMTU5MDc4NTM2HwDwtpIC_QMhNzJBNGp3akZpSTBURUkzOC1XWVlBQ0Q1M3BZQk1BQTRBRUFBU01wT1VKUEN5UXBZQUdDV0JXZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JrZThLOE9GNnBEX0JBWG5mejE0VFZxVV95UUVBQUFBQUFBRHdQOWtCTEN0TlNrRzM3al9nQWRuci13SDFBUXJYSXoyWUFnQ2dBZ0cxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pNNU9UbmdBNnN1Z0FTYnZka0RpQVNjdmRrRGtBUUFtQVFCd1FRQQFaBQEITWtFBQgFARhEWUJBRHhCBQwJARxpQVdmSDZrRgkOHEFBOEQteEJREQ48QUF3UVY3Rks1SDRYcWtQOC4oAARfUi4oAAgyUVUNNfBDRHdQLUFGeHlEd0JmX0R2UVg0QmJLYWxBS0NCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJuc1Vya2ZoZXFRX3FBWUVzZ1lrQ1ENSwxBQUFFHYwARx0MAEkdDDR1QVlLmgKZASFweFppZDoBAtgtZDZXQVNBQUtBQXhleFN1Ui1GNnBEODZDVUZOVXpFNk16azVPVUNyTGtrc0swMUtRYmZ1UDFFAXwJAQRGawkIAQEARz1MAEcdGABIHRgMSGdBaS4VAvQgAXcuLtgCAOACvMo_6gJAaHR0cHM6Ly93d3cuc2x0cmliLmNvbS9uZXdzLzIwMjEvMTEvMTYvcmljaGVzdC11dGFoLW5hdGl2ZS12b3dzL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA-oV4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjI4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMTozOTk52gQCCAHgBAHwBI38-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYJIyjwP9AGuzPaBhYKEAkRGQFYEAAYAOAGAfIGAggAgAcBiAcAoAcBugcBuQwAGAAgAbYwvQZAAMgHqdsE0gcNCRE6AR4M2gcGCAUJROAHAOoHAggA8Ae70AGKCAIQAA..&s=6f9137bda33185cdac59ce435e46db3ed89fd5cf
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:33 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d90ca678-84fb-4f4b-aad6-187e4f1692a2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A68 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 13:25:33 GMT
pixel
protected-by.clarium.io/ Frame 8A68 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Nk5EV3UyWHAxR25vYVkwUDVxeTZ5ODBkbVI4L2FwcG5leHVzOjcyOHg5MA==&v=5&s=v31g3933v9j&id=eyJwcmViaWQiOnsiYWRJZCI6IjIwNTI1Y2E5YmNkNzM3NCIsImNwbSI6MC4wMjYzMDIsInMiOiJkaXYtZ3B0LWFkLTIzNzE0MTA1MTc4OTAtMCIsInNyYyI6ImNsaWVudCJ9LCJ0cF9jcmlkIjoiUEI6YXBwbmV4dXM7MjE1OTA3ODUzIn0%3D&sb=undefined&cb=9453628&h=www.sltrib.com&d=eyJ3aCI6Ik5rNUVWM1V5V0hBeFIyNXZZVmt3VURWeGVUWjVPREJrYlZJNEwyRndjRzVsZUhWek9qY3lPSGc1TUE9PSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbImFwcG5leHVzIl0sImhiX3NpemUiOlsiNzI4eDkwIl19fSwid3IiOjB9
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.92.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-92-214.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:33 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F207 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 12:50:12 GMT
expires
Wed, 17 May 2023 12:50:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0A89 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d3a9e89b3cb897b68573f8724494fcc5a707ae7efb7f05646c7ef42b128db0e6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NKLDE6-TodFcjZJtFf9Big' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-NKLDE6-TodFcjZJtFf9Big' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:33 GMT
expires
Tue, 17 May 2022 13:25:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 8A7B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=1870961346213497&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
pagead2.googlesyndication.com/bg/ Frame 2323 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 19:41:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
63821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 19:41:52 GMT
generate_204
tpc.googlesyndication.com/ Frame 8B48 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1EEK9w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 92A7 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ad0VuA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
pagead2.googlesyndication.com/bg/ Frame F207 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 19:41:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
63821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 19:41:52 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012204292129000/ Frame 528B 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
50002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61295
x-xss-protection
0
server
sffe
date
Mon, 16 May 2022 23:32:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c00c4adb72e5cb7f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 May 2023 23:32:11 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 528B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
82639
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5188
x-xss-protection
0
server
sffe
date
Mon, 16 May 2022 14:28:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"176361d496ccc411"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 May 2023 14:28:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 528B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
82638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28840
x-xss-protection
0
server
sffe
date
Mon, 16 May 2022 14:28:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4b15b3c971f95798"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 May 2023 14:28:15 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 528B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
236723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1906
x-xss-protection
0
server
sffe
date
Sat, 14 May 2022 19:40:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a2652581fdabc981"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 14 May 2023 19:40:10 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 528B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
236723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12953
x-xss-protection
0
server
sffe
date
Sat, 14 May 2022 19:40:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8a2450dae6a66803"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 14 May 2023 19:40:10 GMT
truncated
/ Frame 528B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9b1adf91b953d233e612e07669d331da8cc8e5626f64dc3ac9325f1c0b22e6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
14518626662968885928
tpc.googlesyndication.com/daca_images/simgad/ Frame 528B 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14518626662968885928
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
293013aaa5dd77f5b2920843bad6f2d13eaaf5bd875ff9e3cfe977ded7d60c6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 17:31:41 GMT
x-content-type-options
nosniff
age
158032
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88763
x-xss-protection
0
last-modified
Wed, 04 May 2022 14:30:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 15 May 2023 17:31:41 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 528B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 23:37:32 GMT
x-content-type-options
nosniff
server
cafe
age
49681
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Tue, 17 May 2022 23:37:32 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 528B 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
23959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 18 May 2022 06:46:14 GMT
l
www.google.com/ads/measurement/ Frame 528B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZVr1UvYMA2yju3_zeXTszia4SB9jQQ8UMyZ-fq4akee8IURfYmMQltXOw8afLcyKJgrPvjeIED8C4urGuXD9iiV-7bw
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 528B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuwC7TKKDYrTBO5aVgQfQjpvgBY2KgYlq-fft3c0P29keEAEg0OaHdGCZBqABnK_7qALIAQLgAgCoAwHIAwiqBJYCT9DaJCJntBKp6fH1Mhdoh1zbbZcjpWNRH_7whw_9PixD0by2shVfr8_s-ma-Eetc1COdg64LK56enVxUH_GDjGJ9fzgVlIRZezgykY4qSuFf9FriYWC9WJWKGZRk6aGnADxyIt1pRucdwFQHOCgA5KKKkSP1YvgpwYgsR7f1MgvYw2t1OBX0zGNjgses_wYVASXMcB3_APgeJBY8b8pKwueA0dEUbn0Y2SWVcoNZ-i0nVwjl-v_JuV6LX0gbuM8irSmuoWsqX2ImhkleccwtapoQ3KHU3yZ4yDwl14GBvCoytmy7aKaVOLjV07_zUqqMwvPV8feS47RPtR5wGgPBQ0ky77LFUvOvQDNZw7eI7FgnwDCrGtLABJvEjN39A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEN-4BdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTU2MjYxMDA1MzExNTk1MDOACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNjI0OTQwMDM2OTY5MTg4NhjPpBM&sigh=S2dQbSLyx-g&uach_m=[UACH]
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0A89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=1948261262765462&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
request.php
ad.ad-srv.net/ Frame 7BE5
Redirect Chain
  • https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.sltrib.com%2F...
  • https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.sltrib.com%2F...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ancestorOrigins=https%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:8331&extVar[]=XR_DOM_RTB:www.sltrib.com&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FE9pyLsVVpT8C5ftR8O6aPwAAAOB6FBBAAuX7UfDumj8S2nIuxVWlP7s_2_BQlSMepmJTGPVC5UJMooNiAAAAABNhUgGLIAAASicAAAIAAAANft4Mea8lAAAAAABVU0QAVVNEANgCWgCQxwAAAAABAQUCAAAAANgAIiZETQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521pxZidwjFiI0TEI38-WYY-d6WASAAKAAxexSuR-F6pD86CUFNUzE6Mzk5OUCrLkksK01KQbfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMTozOTk5%2Fbn%3D77225%2Fclickenc%3D&uidRedirect=1
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
ff199d0643a7b625817bef6b7565e6e4e63f784ed2bc8ee897521c42dd2e5508

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1789
Content-Type
text/html; charset=utf-8
Date
Tue, 17 May 2022 13:25:33 GMT
Expires
Tue, 17 May 2022 14:25:33 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
72884500102967201467935011962014

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 13:25:33 GMT
Expires
Tue, 17 May 2022 14:25:33 +0200
Location
request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ancestorOrigins=https%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:8331&extVar[]=XR_DOM_RTB:www.sltrib.com&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FE9pyLsVVpT8C5ftR8O6aPwAAAOB6FBBAAuX7UfDumj8S2nIuxVWlP7s_2_BQlSMepmJTGPVC5UJMooNiAAAAABNhUgGLIAAASicAAAIAAAANft4Mea8lAAAAAABVU0QAVVNEANgCWgCQxwAAAAABAQUCAAAAANgAIiZETQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521pxZidwjFiI0TEI38-WYY-d6WASAAKAAxexSuR-F6pD86CUFNUzE6Mzk5OUCrLkksK01KQbfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMTozOTk5%2Fbn%3D77225%2Fclickenc%3D&uidRedirect=1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
async_usersync.html
acdn.adnxs.com/dmp/ Frame BC21 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8331&pub_id=2015670
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32337
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 13:25:33 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 489866
X-Served-By
cache-lga13628-LGA, cache-hhn4051-HHN
X-Timer
S1652793933.339787,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame 8A68 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&e=wqT_3QL0DPBMdAYAAAMA1gAFAQjMxI6UBhC7_-yGj6rlkR4YpsXNwtHe0PJCKjYJE9pyLsVVpT8RAuX7UfDumj8ZAAAA4HoUEEAhAuX7UfDumj8pEtoJJAAxARvAo3DNPzCTwskKOItBQMpOSAJQjfz5Zlj53pYBYABokI-zAXip2wSAAQGKAQNVU0SSAQEG8FWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCA0NTI1MzYyLCAxNjUyNzkzOTMyKTt1ZignaScsIDQxMjYxNjksIDE2NTIdADBnJywgMTE0OTM4ODcsQjsAMHInLCAyMTU5MDc4NTM2HwDwtpIC_QMhNzJBNGp3akZpSTBURUkzOC1XWVlBQ0Q1M3BZQk1BQTRBRUFBU01wT1VKUEN5UXBZQUdDV0JXZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JrZThLOE9GNnBEX0JBWG5mejE0VFZxVV95UUVBQUFBQUFBRHdQOWtCTEN0TlNrRzM3al9nQWRuci13SDFBUXJYSXoyWUFnQ2dBZ0cxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pNNU9UbmdBNnN1Z0FTYnZka0RpQVNjdmRrRGtBUUFtQVFCd1FRQQFaBQEITWtFBQgFARhEWUJBRHhCBQwJARxpQVdmSDZrRgkOHEFBOEQteEJREQ48QUF3UVY3Rks1SDRYcWtQOC4oAARfUi4oAAgyUVUNNfBDRHdQLUFGeHlEd0JmX0R2UVg0QmJLYWxBS0NCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJuc1Vya2ZoZXFRX3FBWUVzZ1lrQ1ENSwxBQUFFHYwARx0MAEkdDDR1QVlLmgKZASFweFppZDoBAtgtZDZXQVNBQUtBQXhleFN1Ui1GNnBEODZDVUZOVXpFNk16azVPVUNyTGtrc0swMUtRYmZ1UDFFAXwJAQRGawkIAQEARz1MAEcdGABIHRgMSGdBaS4VAvBpdy4u2AIA4AK8yj_qAkBodHRwczovL3d3dy5zbHRyaWIuY29tL25ld3MvMjAyMS8xMS8xNi9yaWNoZXN0LXV0YWgtbmF0aXZlLXZvd3Mv8gIRCgZBRFZfSUQSBzQ1MjUzNjLyAhIKBkNQRwEUAAhxPxjyAgoKBUNQARQYATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQAA8JIEBDT0RFEgM2MTXyAhYKCENQRwkSRApmZDIwOGNiNzMz8gILCgdDUAkYHADyAhAKBUlPAWYAB23WGPICDgoHSU8JIQlLOBMKD0NVU1RPTV9NT0RFTAEuFADyAhoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4QSUZJRUQBIRwNCghTUExJVAFN8LABMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA-oV4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjI4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMTozOTk52gQCCAHgBAHwBI38-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGCSQo8D_QBrsz2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFICBgAIAG2ML0GQADIB6nbBNIHDQkROgE4CNoHBgknROAHAOoHAggA8Ae70AGKCAIQAA..&s=541ace4752ab09666c1c1a1163142ad3b06c037e&bdref=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&bdtop=true&bdifs=3&bstk=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F,https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F,https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F,https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:33 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f008a632-d1c8-4e21-9022-91830fd30bc6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8A68 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmlKNf462uihmjL0-Z6CsNG0EQEO2w-RZtBmQb-3j6cdCT5ISA5OCZhmK7PmRnMw2EKrQMJL64kxf85lGEkhEutJBEWkv3QWPdc8M-Q5NFHYsIQTYOk3SQzcoX-qIUZZvk5ZRo1wsWTm9ENpjJgeJ3IMlPlB6vmXEgaRsKvpGAnKI-HHmwM2bWoQIsfBhwe0SQnDQCSwAmj-loowyZVAZGnaAewDXJIULJHxNt4ADWS0pFXS_vWAuvqkQcIcE34rrF3lppEN5ae3BBgJa3RaHzh-cGGfpMZLuMx8E3I5joPwYVMn00vbhcRQrWsrUn_ErpXfm3Yj4IWsXF07h4V0ZgLxLgxdrxXiIS-9Z7S2g2&sig=Cg0ArKJSzFdYL-HVhh2TEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 13:25:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 17 May 2022 13:25:33 GMT
truncated
/ Frame 8A68 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e32fe877c0347e9325de654889258db0dfb186cbf4f4f1236d7d37c7c5e279df

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams1-ib.adnxs.com/ Frame 8A68 		0
838 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&e=wqT_3QLdCvBMXQUAAAMA1gAFAQjMxI6UBhC7_-yGj6rlkR4YpsXNwtHe0PJCKjYJE9pyLsVVpT8RAuX7UfDumj8ZAAAA4HoUEEAhAuX7UfDumj8pEtoJJAAxARvAo3DNPzCTwskKOItBQMpOSAJQjfz5Zlj53pYBYABokI-zAXip2wSAAQGKAQNVU0SSAQEG8FWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCA0NTI1MzYyLCAxNjUyNzkzOTMyKTt1ZignaScsIDQxMjYxNjksIDE2NTIdADBnJywgMTE0OTM4ODcsQjsAMHInLCAyMTU5MDc4NTM2HwDwtpIC_QMhNzJBNGp3akZpSTBURUkzOC1XWVlBQ0Q1M3BZQk1BQTRBRUFBU01wT1VKUEN5UXBZQUdDV0JXZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JrZThLOE9GNnBEX0JBWG5mejE0VFZxVV95UUVBQUFBQUFBRHdQOWtCTEN0TlNrRzM3al9nQWRuci13SDFBUXJYSXoyWUFnQ2dBZ0cxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pNNU9UbmdBNnN1Z0FTYnZka0RpQVNjdmRrRGtBUUFtQVFCd1FRQQFaBQEITWtFBQgFARhEWUJBRHhCBQwJARxpQVdmSDZrRgkOHEFBOEQteEJREQ48QUF3UVY3Rks1SDRYcWtQOC4oAARfUi4oAAgyUVUNNfBDRHdQLUFGeHlEd0JmX0R2UVg0QmJLYWxBS0NCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJuc1Vya2ZoZXFRX3FBWUVzZ1lrQ1ENSwxBQUFFHYwARx0MAEkdDDR1QVlLmgKZASFweFppZDoBAtgtZDZXQVNBQUtBQXhleFN1Ui1GNnBEODZDVUZOVXpFNk16azVPVUNyTGtrc0swMUtRYmZ1UDFFAXwJAQRGawkIAQEARz1MAEcdGABIHRgMSGdBaS4VAvQgAXcuLtgCAOACvMo_6gJAaHR0cHM6Ly93d3cuc2x0cmliLmNvbS9uZXdzLzIwMjEvMTEvMTYvcmljaGVzdC11dGFoLW5hdGl2ZS12b3dzL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA-oV4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjI4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMTozOTk52gQCCAHgBAHwBI38-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYJIyjwP9AGuzPaBhYKEAkRGQFYEAAYAOAGAfIGAggAgAcBiAcAoAcBugcBuQwAGAAgAbYwvQZAAMgHqdsE0gcNCRE6AR4M2gcGCAUJROAHAOoHAggA8Ae70AGKCAIQAA..&s=6f9137bda33185cdac59ce435e46db3ed89fd5cf&type=nv&nvt=5&jm=1003&px=141&py=2423&bw=728&bh=90&sid=3673952451087414697&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22176019&sw=1600&sh=1200&pw=1600&ph=4982&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:33 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
506f7b7c-36ec-482c-8a0b-d273ebada498
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7893 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteIPQ6LJd5xdmp_ZIRsquBJEU-YaAfbUKZ3mLJLZBys5H_r27ZWN4crjsShLVCa8ghNLqfUkn5K_zRTClvsJkXjoEeZMcbR6624mlypw1Ed9gEtFdr&sig=Cg0ArKJSzFh1Cix3DVTJEAE&id=lidar2&mcvt=1011&p=249,981,849,1281&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20220511&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1301877128&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652793930670&rpt=1677&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 43B3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuli3gv3JAdggYujZdHSV573__ZDkcHcM8REnVsCE3DeE0Lpia0ZyGHuf3n5iebCY1cDbEhzagyPuRbWxPiP673DF7qfzyq7g0JZURq83OFCPB03X8OQolyZF8JtBGvmEPjhPc_uavxFSnKHJwQ29ls-wVvcGoNZjufPz1YjA44CIVdn5e0zu8OLDlZ_minlLYssmXVMAsO4TVheeIz-6JyBFoj7gWth5MTvjindIwgPAA1lZFr0mauXnsBJYXZTMLIf67wNxi_S3_GFQgNztE1CUylEmJny3uzWPTIulhu5FzqnF-6eoO_BJq1SxKGVJl7z4EF6cu6dP8L5APpYc4&sig=Cg0ArKJSzJBbl6ydOv1KEAE&id=lidar2&mcvt=1013&p=16,436,106,1164&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20220511&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=994546634&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652793930021&rpt=2300&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BC21 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8331&pub_id=2015670&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8331&pub_id=2015670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:33 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8f6d1d23-48bb-459e-b435-17ae58cb157e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 2323 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Dg1hLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 528B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

date
Tue, 17 May 2022 13:25:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame F207 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?LmloDg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
viewability
ad14.ad-srv.net/ Frame 7BE5 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad14.ad-srv.net/viewability?s=72884500102967201467935011962014&a=e4bb0f9b&vb=m
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ancestorOrigins=https%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:8331&extVar[]=XR_DOM_RTB:www.sltrib.com&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FE9pyLsVVpT8C5ftR8O6aPwAAAOB6FBBAAuX7UfDumj8S2nIuxVWlP7s_2_BQlSMepmJTGPVC5UJMooNiAAAAABNhUgGLIAAASicAAAIAAAANft4Mea8lAAAAAABVU0QAVVNEANgCWgCQxwAAAAABAQUCAAAAANgAIiZETQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521pxZidwjFiI0TEI38-WYY-d6WASAAKAAxexSuR-F6pD86CUFNUzE6Mzk5OUCrLkksK01KQbfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMTozOTk5%2Fbn%3D77225%2Fclickenc%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:33 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
request.php
ad.ad-srv.net/ Frame 59F8
Redirect Chain
  • https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=dd7fc35f3b4a0iKmIRNS4d7XG4e1pQA5-GW-DGNcHZoL3CxqN3kZrIzrzWysE-KKvFTi...
  • https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=dd7fc35f3b4a0iKmIRNS4d7XG4e1pQA5-GW-DGNcHZoL3CxqN3kZrIzrzWysE-KKvFTi...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=dd7fc35f3b4a0iKmIRNS4d7XG4e1pQA5-GW-DGNcHZoL3CxqN3kZrIzrzWysE-KKvFTiRGXUyxGx-OY3JSYmFFfipmDkDPg3FRh1BFBmtliTkP2O1N9wkNwZ0V9wg4lFAC9wA38FF_xlbbFmcL9Yi8l0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=72884500102967201467935011962014&redirectClick=https%3A%2F%2Fad14.ad-srv.net%2Fc%2Fpu9ke01iiroxio6%3Ftprde%3D&uidRedirect=1
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ancestorOrigins=https%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:8331&extVar[]=XR_DOM_RTB:www.sltrib.com&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FE9pyLsVVpT8C5ftR8O6aPwAAAOB6FBBAAuX7UfDumj8S2nIuxVWlP7s_2_BQlSMepmJTGPVC5UJMooNiAAAAABNhUgGLIAAASicAAAIAAAANft4Mea8lAAAAAABVU0QAVVNEANgCWgCQxwAAAAABAQUCAAAAANgAIiZETQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521pxZidwjFiI0TEI38-WYY-d6WASAAKAAxexSuR-F6pD86CUFNUzE6Mzk5OUCrLkksK01KQbfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMTozOTk5%2Fbn%3D77225%2Fclickenc%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
d01c7ea02f591be086a8ace6bb8e070a22f5e0ced512197994b7de6642c742a9

Request headers

Referer
https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ancestorOrigins=https%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:8331&extVar[]=XR_DOM_RTB:www.sltrib.com&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FE9pyLsVVpT8C5ftR8O6aPwAAAOB6FBBAAuX7UfDumj8S2nIuxVWlP7s_2_BQlSMepmJTGPVC5UJMooNiAAAAABNhUgGLIAAASicAAAIAAAANft4Mea8lAAAAAABVU0QAVVNEANgCWgCQxwAAAAABAQUCAAAAANgAIiZETQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521pxZidwjFiI0TEI38-WYY-d6WASAAKAAxexSuR-F6pD86CUFNUzE6Mzk5OUCrLkksK01KQbfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMTozOTk5%2Fbn%3D77225%2Fclickenc%3D&uidRedirect=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1570
Content-Type
text/html; charset=utf-8
Date
Tue, 17 May 2022 13:25:33 GMT
Expires
Tue, 17 May 2022 14:25:33 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
77893300102967901649445011962014

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 13:25:33 GMT
Expires
Tue, 17 May 2022 14:25:33 +0200
Location
request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=dd7fc35f3b4a0iKmIRNS4d7XG4e1pQA5-GW-DGNcHZoL3CxqN3kZrIzrzWysE-KKvFTiRGXUyxGx-OY3JSYmFFfipmDkDPg3FRh1BFBmtliTkP2O1N9wkNwZ0V9wg4lFAC9wA38FF_xlbbFmcL9Yi8l0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=72884500102967201467935011962014&redirectClick=https%3A%2F%2Fad14.ad-srv.net%2Fc%2Fpu9ke01iiroxio6%3Ftprde%3D&uidRedirect=1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
truncated
/ Frame 7BE5 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/cynamics/tools/js/ Frame 7BE5 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ancestorOrigins=https%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com%2Chttps%3A%2F%2Fwww.sltrib.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:8331&extVar[]=XR_DOM_RTB:www.sltrib.com&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FE9pyLsVVpT8C5ftR8O6aPwAAAOB6FBBAAuX7UfDumj8S2nIuxVWlP7s_2_BQlSMepmJTGPVC5UJMooNiAAAAABNhUgGLIAAASicAAAIAAAANft4Mea8lAAAAAABVU0QAVVNEANgCWgCQxwAAAAABAQUCAAAAANgAIiZETQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521pxZidwjFiI0TEI38-WYY-d6WASAAKAAxexSuR-F6pD86CUFNUzE6Mzk5OUCrLkksK01KQbfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMTozOTk5%2Fbn%3D77225%2Fclickenc%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:33 GMT
Last-Modified
Tue, 03 May 2016 20:55:13 GMT
Server
nginx
ETag
"57291031-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
944.json
id5-sync.com/g/v2/ Frame 581D 		213 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/944.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
12b2ca2ef01de02b3228479570c0593d85a71d107526d793433cdea0c6711c2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:33 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 581D 		44 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
rid
match.adsrvr.org/track/ Frame 581D 		63 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
83f2553a7589b199fa6f98fe65dfffb4f9091769325ce83bd36788154303bf3f

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 16 Jun 2022 13:25:33 GMT
evergreen-kis-728x90.jpg
media.kaspersky.com/de/affiliates/ Frame 59F8
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=0&pref1=77893300102967901649445011962014
  • https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg
62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=dd7fc35f3b4a0iKmIRNS4d7XG4e1pQA5-GW-DGNcHZoL3CxqN3kZrIzrzWysE-KKvFTiRGXUyxGx-OY3JSYmFFfipmDkDPg3FRh1BFBmtliTkP2O1N9wkNwZ0V9wg4lFAC9wA38FF_xlbbFmcL9Yi8l0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=72884500102967201467935011962014&redirectClick=https%3A%2F%2Fad14.ad-srv.net%2Fc%2Fpu9ke01iiroxio6%3Ftprde%3D&uidRedirect=1
Protocol
H2
Server
185.85.15.31 , Germany, ASN200107 (KL-EXT, CH),
Reverse DNS
Software
/ Kaspersky Labs, Kaspersky Labs
Resource Hash
1eeaa9afd461c6df55ffad40e5b003b9f2303727cc0276e677cf61bf9023284a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 14 Sep 2021 12:09:22 GMT
server
x-powered-by
Kaspersky Labs, Kaspersky Labs
etag
"8ece3b5a61a9d71:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
x-server
fr2/FRA4
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
63391
date
Tue, 17 May 2022 13:25:33 GMT

Redirect headers

Date
Tue, 17 May 2022 13:25:33 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
944.json
id5-sync.com/g/v2/ Frame FFC3 		213 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/944.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
ad829f670cd7b9b33afef8a725976bc190b3dba8568d8ea0850ecc71f8023a56
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:33 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ Frame FFC3 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
83f2553a7589b199fa6f98fe65dfffb4f9091769325ce83bd36788154303bf3f

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 16 Jun 2022 13:25:33 GMT
viewability
ad14.ad-srv.net/ Frame 59F8 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad14.ad-srv.net/viewability?s=77893300102967901649445011962014&a=8e514382&vb=m
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=dd7fc35f3b4a0iKmIRNS4d7XG4e1pQA5-GW-DGNcHZoL3CxqN3kZrIzrzWysE-KKvFTiRGXUyxGx-OY3JSYmFFfipmDkDPg3FRh1BFBmtliTkP2O1N9wkNwZ0V9wg4lFAC9wA38FF_xlbbFmcL9Yi8l0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=72884500102967201467935011962014&redirectClick=https%3A%2F%2Fad14.ad-srv.net%2Fc%2Fpu9ke01iiroxio6%3Ftprde%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:33 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
cshow.php
www.awin1.com/ Frame 0A0D 		43 B
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=1&pref1=77893300102967901649445011962014
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=dd7fc35f3b4a0iKmIRNS4d7XG4e1pQA5-GW-DGNcHZoL3CxqN3kZrIzrzWysE-KKvFTiRGXUyxGx-OY3JSYmFFfipmDkDPg3FRh1BFBmtliTkP2O1N9wkNwZ0V9wg4lFAC9wA38FF_xlbbFmcL9Yi8l0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=72884500102967201467935011962014&redirectClick=https%3A%2F%2Fad14.ad-srv.net%2Fc%2Fpu9ke01iiroxio6%3Ftprde%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ad.ad-srv.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 17 May 2022 13:25:33 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
truncated
/ Frame 59F8 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/hofe/tools/js/ Frame 59F8 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=dd7fc35f3b4a0iKmIRNS4d7XG4e1pQA5-GW-DGNcHZoL3CxqN3kZrIzrzWysE-KKvFTiRGXUyxGx-OY3JSYmFFfipmDkDPg3FRh1BFBmtliTkP2O1N9wkNwZ0V9wg4lFAC9wA38FF_xlbbFmcL9Yi8l0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=72884500102967201467935011962014&redirectClick=https%3A%2F%2Fad14.ad-srv.net%2Fc%2Fpu9ke01iiroxio6%3Ftprde%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:33 GMT
Last-Modified
Fri, 05 Aug 2016 12:57:29 GMT
Server
nginx
ETag
"57a48d39-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
sodar
pagead2.googlesyndication.com/pagead/ Frame FFC3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=3209455519882662&bg=!DQ6lDkrNAAZX5TVhd-U7ACkAdvg8WtSks5LHRTkEc9seEs5yRfiObsNOKiOzD4Y60iFJ1UkdOEKEbQIAAAERUgAAAAJoAQcKALZVUxzTDW_f7n08bayGJxpeaxjUxYOjdmJKJ9UVdSZan3GjpqMjqeioSKEp7yZB2SmUJLKviTeXBYRPe0BQQobfuk_t0sjoEgjkjbcPK2q-At6Fl6I3AlsxAg8j2VZyXRubkcLKR7l1fUnE5YzuEaPiu1wqnYHnlneppQdsTI2DRoRlJNm_OWkqwbdbTo0obN8KrLv7iAPTfuOb66AXZqCrYVrVlUQBgqFHqg6zSEn4BpCze1YjMpkCyLBWX6gzrORYBG8rW4HUba7SLnIxY0Ajhv1-RCQo-4hkAVfvjga8A15D7Ib7f4VsXRnEUgT_j-Unp7bx0CR3B1YKU9EGZ-r0ylKNhMty2LSSGayOHmv09X2kTTCOc3a0HZ0o-nnoSuQm5WIzFNLfrjPz7yHpo0SWHAMB30w0rwfEYvCN2wy403ZHw0M4e-05NvX5QsbanU_tUJXKfz0R25D_A3mbcY2X4xxWxAHJcVYac7YBs3moeNIfGY8FLiEiaQ9sGo9yLRuH6N6kxEAQ4GXZMu3kPv5ii5ikyNAgSl-SBFogGBXZS-YfOvzYPZzgQomEw0RJHWV18w4-CsG1NaIA6qbotPGEMaM00PPBQXPTfSyJNF2uwikXOOz-lQUicvfxVjRjIgSRBXjfOcsuwkjpKu_stCHkVgad4CXKcRGHK8b3CKPXQ2uxFFwuvLIc1SYFtOrdQlygLq9eWUm7WctoQy0XYn_SK2PY6dSL2kZl2eQF6By4FGITcXstCkPNwlQLhQXTOh9nM0UxmR0bjAUvNoh1BRGKBVBSxy4ga60dlzzory1k79qTHIjgliRQxamxqCUykmYTiOoQVG-5ZJy-FSxG1FqVSj-iCjwEDUbxEAxKv8SF0rX8wUlrqwciPKB_aOW6-pssTSOVW-E5AVR4QRG4mkMIcU5aS2Ar4Jok_UkiH66xB4QYqKk3O9dHsqwUyyUB65Nj65392_t7RKCu3ME9Un_koK_D6QWETbhxjKVICm1n6cJBmEVFTJlVj_sauDl3MiztGTpGoIstG_R174S3mJavQPrG-kQiL5Bx0cPjvH2RNwNwLzj3YU3pSzdL-G6-hmA3c9SPzMr_KPntZMFI1lHovErNoQIqEOctwAOHV9IEwU8si_6VsV052IIfYW-cKGfK34EMROIwDhrFuAw8TlBtrGHty-_4E08cWFNgfD3qaHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 581D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=1834684928795533&bg=!WFulWx_NAAZX5TVhd-U7ACkAdvg8Wpfrf-9gQXSa5eXE7jKa23orF-OqlBkQ6c0MxkFKLrNDApJ9UQIAAAEAUgAAAAJoAQeZAtQqijoaxbsa83K1-K_wQbEU3ahDQgnw6esQ91NuT8WPIKWxzASIzPrTiRT05bCJ-R1xVAN6OSrpsLP8XzQmoxD9TJgHnCvVSwPCOAIrDKFFmzkBURX-aPAX7Htq0Fg3AeomsXAtnlryFUr_vze50iGaZCDGakqMkirwQ0K7x7NYDUe3bc77V97E9NTGBJbvYM3Rs49XnEqVuylPEyjA0SE2tFFZDgVmO1WJoNpptPa5CKUTj-OJS6QIB0M45P1kb7Vd7Zeb7m_yuTppUrpnxoeZwVMF9ZvT49J2RLgpaf-KuZ-JYX55Jk1yxVifIwwj8AdBv6w5JMyXUgXDMI7jzMZU6EyYHgevDE1mAPJAL9y0nID2q_tnvT2bp28AAKk5cynYOyC8JzUI6J_A8NltWVV7u3B9FBWwqtrYIXUYFDxGXAEQb1SMJDBa2p1vIuaSxF7uXZSu4sR2fAQoNTEC4pLZq_0QE5BCGUEnheOha07daj9O4I2XlsAZsCNm2SKrLuqR6OPQy7a7Zb0K2JiezdhhysfBQiG4mChG1CiseLk8kn29UYoRprCvT61zpcNzswPa1N6-v3x0zXdzLKfBLx2-ph1HL35wQKpQi6nblBOzMpUOMNLGLyonXQG5R6kq1UbBO-m-TppTV5ZFru1BthgCuFBBdfMBiuWT5ddT4SDrpyCex5lwVzhHxdoaLby0mW3wSKXL-j_V_d5RuwSffFnsPqQ_PRUwEcRKa_FwN49fbH3-0iQx6gYWLYYYxIRoNXAdd_8fub7lIfoO-Q0C47LIN64kKsEKv6_o4NRFWbkx1mGGhParpfBI1a49PqxA_XwzzDMCYQkQTJ7IkuK8cEpzQncwoGomRL1cVHZvHHHU-CuzsZWGUIhVnrVT8bVu_RkcCyePZKCgJm65eL_CZEuzY-kIfqOoTpfFSFkEmYLmPIbMjNo5SiND4ez6orbOVAWMYIjT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
944.json
id5-sync.com/g/v2/ Frame 0CFB 		213 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/944.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
1a2aa10e00a16aaa34abb2932d68f6c9ef9cfde6aa63c8bc6f07c72608f04a83
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:33 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ Frame 0CFB 		63 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
83f2553a7589b199fa6f98fe65dfffb4f9091769325ce83bd36788154303bf3f

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 16 Jun 2022 13:25:33 GMT
944.json
id5-sync.com/g/v2/ Frame 613D 		213 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/944.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
96f7d025e95bff8f174129b81143410b21c2a3ed8cbd8e3d3e7ceadd1cfd81ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 17 May 2022 13:25:33 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ Frame 613D 		63 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
83f2553a7589b199fa6f98fe65dfffb4f9091769325ce83bd36788154303bf3f

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 13:25:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 16 Jun 2022 13:25:33 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 80E3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDTXLy6vgRmFnQ-DD27OkynHv25zcsDMO5jghHWn7Pe57O4O1I_w880rgHzlhK58vwogVM7ED7zB4W0psa0E-DpmYu_w4uXBg23ueHlEyRrzcnWXDl&sig=Cg0ArKJSzOi2hc3K_ElwEAE&id=lidar2&mcvt=1024&p=16,436,106,1164&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20220511&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2597643340&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652793932790&rpt=101&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0CFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=1870961346213497&bg=!zM-lz4vNAAZX5TVhd-U7ACkAdvg8WrB_blWu7idsdQNvVlmCaNEMG0MGfhrWIBCOsY1T7L0pLgNOxwIAAAEYUgAAAAdoAQeZAsMikNjB4_9k-_5v9O92x4S3LP-1B1LxW1l6PHWq4iMc1XHHkku4BN6kyU_LuM-RvL5hb-cM1M6dvbHokXqZwzGIjEMcR6tFvatDbuv64r_Nm-rZv5hOIFHyLj_H-a6pnq8K1cERZJMxaj4lUL-_K5JATEnX-lQQEMI7209_6ix-93L-_Lc8mX1wpmouT_cAKDBdtH7iM3akvFkKznTKOgvoksD8EJ3TQJjgaL2SATC1CuY9Nl44l_4Sc0K25wWUlEvR5DDcIeb8qs4evxiXSjWI_v16kv-48Jwdl8NmoarfgzAelHlPE6S8yoYt3mGCkVEIYUCgT1u4wXIlnQExrNk3ZOCnuSCA5K_fgD0kiNBB2ZOFVw1iGPTKTPI3YUYmxL4Z6d4XBg5alPl1W-3WKmFzieidXkgKD6dkgPxpgknSQjYfT_7k9OpD0EOZSsmhlZOJxc4IfcyP7Zi5DIFEw6cfa2yBly1PGMvM7Y5fbNhhiH1Bi29DCaLo1w_A15eO45Ci0ftWcs2XmA0r7GIBdCzwxgFSn8b00POUbd3_bU_GcHriR6qsDwLqxqPBlI_dNdONlMjJ932XOvQAeQfzQ3IU4UTQLI2CYBiaAOHn3qKxxQQJq1CPzF-wZfhnF1CmVyfaO4hmB3DR7Axg7M_GCTAaN8_YOLSPzfoBqs1nqvbfh0Vpq9d7DtZoPxrhRGt8klTDNj_nfXoW1jd7Zf02KTM38x-2kf8yHKPs05f7dh7VQmzcFnHW-ndIZsyzQUwtARrwRYP9YTQs36Ty0U6CQEwhwLP4uRj8Zy91Fue3if0YIpoyGAlHKCcliPH3_8eot9Wh-baonw_zY1zE-DdASFNL8MpGdsdK9VMPyaEc40yYkJGFub2zVhnRpD6X1slQwXfhgb9NBTOtACaU6OZA6XzuxQa_sdvEJzqwmKR_VpemFnhPvQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 613D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=1948261262765462&bg=!y8ilyIzNAAZX5TVhd-U7ACkAdvg8WhSjooPi70v3IDcmxkjeZbvT7YyZm33rbGhgOmwoNS6tP_YQBwIAAADuUgAAAAJoAQeZAtdY8p9N14rnBBU75HDUB75o7rWLYXz2SUDh9nATxDxqdAFbwcydtjS3cc6HvHhgrIA-1Va5U4gLRaCzbkkmLb30sMFFCM1isHOTtk6BAoQPp3qrn-tTqZXbYSBIdX84LAFT74BsWjREg80ld1dBwJwGoJyh2Y2WSz4XOecp5s28uCjMoPkF2BEAlyteK8MxL1buFPx9xzMKqP_8nDtrnyxfKOg1u0tdDjSXWZv_DUPGT4rcgZRq8DfN4V1bIF7CIkfLXCHMikI10z8B_7pmEtWbq5kbAmKRJckEvWwTVrqnZSXlmjKhDHfL8S9Us_qVJUns8VF1ujMv3OnE6Fl-pU9Wt6e9EI-USR6oBCxorjXU-Zq7mz9XCUhrSqm4Knvu-cwsqGFmnZXcqpOBOsasX1ply4O48X-tdSQUEk9cLX7Cy02TsiSVBXxPtKw9WBSfD0YLYJbME7ENArA_d8Fz9q-i52f-aIaj7ZQUSvNgOnbVoZ2vbExOwcCRWiSSq9Bd6hfD2-XPRS1WmqRQfQmC-sB5QohPFeXMVjKa4LdNQX2qzUY70cWmmd3Drvqgp0wuF9rYtKH9pauAgRaKiglNMIuD88zjaiDb-fY5N3YcyMZ722-UzyM2l_UjQAEElj-9YwBKL_eXOT7Ykl7pun75cyIf9nMrpHvGFjX-LLRtWlhuWSm8ln0vLYvN4Gcf7h7YU1CTQIlB2BIKUi9uucnaKnLkPNxGLQR5uHhLGb4C15g4svS3_gTj2Qt8rq3f9JqF3FLYq3kmsdDJR-Ny8JsDpAsFaaTm9WO1QnckXo6M735GjUQwyvdcMP61GezAphJtJAVCXU7BY7fxPi3ny7MdHy3AWX5nsv5RoLxO9Nm5UnnVcXaZNm_EeTrzf53QPiQATCqtLsZIZZY8jLTHD5JMhQb9d2CeU7vyxKuwd6GC3tEZsWoLphMb9An_8Ddll6BM98yOXJeLr398
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame BC21 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8331&pub_id=2015670&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8331&pub_id=2015670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:34 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
573b6f83-bc71-4a13-8cad-f364c9d3ec6c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 528B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWW8MqWxMnrZN5m8-i-Z--9kGrZ448n4by7fNOo5xp94PNKN4nObHhND0t59UBUuWUtjIP4DVQUPvlWMYhjH3grDUsrp8qSOgMEc5F0rae8c80XnZv09bMpA&sai=AMfl-YS2xb7uqeey6IFb9i_o85WTQdq9o5fT65WhDbW0evIRn8F0JbmMBVKlzGWc-SBYeHLXE4TKqgZ0xmEtvE6Woi5i9DQRVWRliO4HmBZLiaHKn2KKnF3zJFhzMQU&sig=Cg0ArKJSzOyoNCwSjlzVEAE&cid=CAASFeRoMaKvc8EWHWKYvk9s-RFMy2-ZQg&id=ampim&o=981,249&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=307&tls=1308&g=100&h=100&tt=1308&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
id.a-mx.com/sync/ Frame FFC3 		106 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/&u=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/&v=6.8.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3029727da8b83ca2008b89508ba307d5863ca785b87b66b7280e76f544be9592

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 13:25:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKLWFUwYQ%2B0E8WGBTDjAXSRi%2BggFbyhloSONwKbvbJmuWHrBTgNWXKJmEtSSpZEIzNrk10ZUsn01%2Bq4nl5SrQs0axHGPWomuJNBbtYmpshE7d0mE4V%2FeIUTRGqP3N42WZ%2BJWaBE2vfwQog%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
70ccae117cb790ec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
f
fid.agkn.com/ Frame FFC3 		151 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.84.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-84-186.us-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
105bb862cefbb8f28c6fd537b06f906231d68e2bf4aa976c4104a8531428f4a2

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/javascript;charset=iso-8859-1
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EFF7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33231
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 13:25:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 17 May 2022 22:39:26 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 666B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13395636
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 13:25:35 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame A4C0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32339
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 489894
X-Served-By
cache-lga13628-LGA, cache-hhn4051-HHN
X-Timer
S1652793936.530430,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 4829 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 13:25:35 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 0567 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 313B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 95F5 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1652793931962
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
PugMaster
image6.pubmatic.com/AdServer/ Frame EFF7 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55250363&p=157898&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c7d2243795283099d8e4a4f40d3378b2db76ac38c45def78835a8ce9d6f9d170

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:36 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame A4C0 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:35 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1f2c889f-9b43-4f40-80c2-8680678fdb1f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
id.a-mx.com/sync/ Frame 581D 		106 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/&u=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/&v=6.8.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3029727da8b83ca2008b89508ba307d5863ca785b87b66b7280e76f544be9592

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 13:25:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rX%2FdYXjmebEfstk52vsu6LYKVjTl84QJ2r9MUEvHhk7p0S%2BrOPz11OAGHHU8qmSDnLiacWQQgd1CGkMV2wmJss5owDruxsqeoVTesWhVAOKeBVhojWmwP%2FW2xvpHWWDjBoH%2BlHlFQuKG7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
70ccae118cbb90ec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
f
fid.agkn.com/ Frame 581D 		151 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.84.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-84-186.us-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
319ad22480eaa870561f449f86f870c3e8452e499b2a7e5d64fce6e4dafeffcd

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/javascript;charset=iso-8859-1
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 83F3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32339
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 489897
X-Served-By
cache-lga13628-LGA, cache-hhn4051-HHN
X-Timer
S1652793936.594500,VS0,VE0
beacon
ap.lijit.com/ Frame FD83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13395636
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 13:25:35 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3803 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33231
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 13:25:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 17 May 2022 22:39:26 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 05C4 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1652793931986
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 63F3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 7B8E 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 13:25:35 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame BAF1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 83F3 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:35 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
de9af210-361c-4436-899a-77d38ff0abd0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 02B1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c2f243136a8398cd6e047cbdc4798fb5f82ff4ad8db7b78e9ed43fb58f429bba

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1829
Content-Type
text/html
Date
Tue, 17 May 2022 13:25:35 GMT
Dropped-Udsids
39|241|230|45|46|13|239|156
Expires
Tue, 17 May 2022 13:25:35 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
396
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 17 May 2022 13:25:35 GMT
Expires
Tue, 17 May 2022 13:25:35 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.js
eus.rubiconproject.com/ Frame 63F3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad0c39acdff0d18168bbd2294ac5aa128fd845a582b0170b0bcbc79939b600e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62408
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9499
Expires
Wed, 18 May 2022 06:45:43 GMT
usync.js
eus.rubiconproject.com/ Frame 0567 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad0c39acdff0d18168bbd2294ac5aa128fd845a582b0170b0bcbc79939b600e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62408
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9499
Expires
Wed, 18 May 2022 06:45:43 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A133
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
334b4836f4fcaa2699b3c8e5e0cd430e5649a9b52d7da0c2bfba70a758ee2481

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1681
Content-Type
text/html
Date
Tue, 17 May 2022 13:25:35 GMT
Dropped-Udsids
45|39|230|241|26|24|196|105
Expires
Tue, 17 May 2022 13:25:35 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
396
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 17 May 2022 13:25:35 GMT
Expires
Tue, 17 May 2022 13:25:35 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
id.a-mx.com/sync/ Frame 0CFB 		106 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/&u=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/&v=6.8.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3029727da8b83ca2008b89508ba307d5863ca785b87b66b7280e76f544be9592

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 13:25:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfhzDClYqUiXLcXiNmGmydkyvx%2BPOMtQWxbALb7d5fcqTPIS6lTeKmQHVxeGp6cqUIA92xCeS7BFDS77qZaLJ4fqC7u1vopS6nciK3O%2Bklt3fZqzmJJOJU8q7QTiUu0f1g3GXkusXgsZhg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
70ccae1328d99a3f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
f
fid.agkn.com/ Frame 0CFB 		151 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.84.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-84-186.us-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
67efa671ed24be2f691a7c0e078b5ccae36c0efe5d0adeb01cb4291da6d49bb3

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/javascript;charset=iso-8859-1
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
/
onetag-sys.com/usync/ Frame 87DF 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1652793932548
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame 9D8F 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 13:25:35 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame 9ECF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13395636
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 13:25:35 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
usync.html
eus.rubiconproject.com/ Frame 88FB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8096 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33231
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 13:25:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 17 May 2022 22:39:26 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 1B16 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 29D7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32340
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 489900
X-Served-By
cache-lga13628-LGA, cache-hhn4051-HHN
X-Timer
S1652793936.846188,VS0,VE0
setuid
px.ads.linkedin.com/ Frame 0567
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3A6TZMV-1C-6WD6
0
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3A6TZMV-1C-6WD6
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:35 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 488C053A35C24864A6E1F049DEC111CA Ref B: FRAEDGE1117 Ref C: 2022-05-17T13:25:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXfNRNymGAz3+T6s+yVIg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3A6TZMV-1C-6WD6
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 0567 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 0567
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMSfQJikimQQ3IOJkg1gnFI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMSfQJikimQQ3IOJkg1gnFI&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMSfQJikimQQ3IOJkg1gnFI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0567
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI3ZmI5ZWQ2YTFiYWRlMTQwMGYyMDEwMjgzMDMxMDZiMDM5NTJhZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI3ZmI5ZWQ2YTFiYWRlMTQwMGYyMDEwMjgzMDMxMDZiMDM5NTJhZA
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI3ZmI5ZWQ2YTFiYWRlMTQwMGYyMDEwMjgzMDMxMDZiMDM5NTJhZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0567
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rbUQrli5TdiOxpU8yz0hqA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rbUQrli5TdiOxpU8yz0hqA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rbUQrli5TdiOxpU8yz0hqA
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
E7RSHAP64YAQA94Q6VPJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rbUQrli5TdiOxpU8yz0hqA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 0567
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-8aWCOabTN-orEsSJvtRHw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-8aWCOabTN-orEsSJvtRHw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-8aWCOabTN-orEsSJvtRHw
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9S45EXS1EKKBT0AZX6BC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-8aWCOabTN-orEsSJvtRHw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0567
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/38LFKNys_fJwOKHtQ5ZtV8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2855090975836946221
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2855090975836946221
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Tue, 17 May 2022 13:25:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2855090975836946221
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
v1
ads.yahoo.com/cms/ Frame 0567
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3A6TZMV-1C-6WD6&sigv=1&esig=2~997b1c31ba9fda59223d366ba18d50ea3781faf2
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3A6TZMV-1C-6WD6&sigv=1&esig=2~997b1c31ba9fda59223d366ba18d50ea3781faf2
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:36 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3A6TZMV-1C-6WD6&sigv=1&esig=2~997b1c31ba9fda59223d366ba18d50ea3781faf2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
casale
match.adsrvr.org/track/cmf/ Frame 02B1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 02B1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cGwAABJ4AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cGwAABJ4AAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cGwAABJ4AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C0X0QW5MKWYBRQD6F863
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VA9GHGS93M1SXTN0K46J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cGwAABJ4AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 02B1 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YoOiTwgY4IhUp3ZYtM7cGwAABJ4AAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 02B1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoOiTwgY4IhUp3ZYtM7cHQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAaZzwcR1f2xbKsIYnp1tts&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAaZzwcR1f2xbKsIYnp1tts&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAaZzwcR1f2xbKsIYnp1tts&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 02B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 02B1
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Tue, 17 May 2022 13:25:36 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
user-registering
ads.stickyadstv.com/ Frame 02B1 		43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YoOiTwgY4IhUp3ZYtM7cGwAA%261182&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1652793935966052-345
Expires
Tue, 17 May 2022 13:25:36 GMT
cookiesync
bttrack.com/pixel/ Frame 02B1 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Tue, 17 May 2022 13:25:24 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 02B1 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoOiTwgY4IhUp3ZYtM7cGwAA%261182
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:36 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3292
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 14:20:28 GMT
usync.js
eus.rubiconproject.com/ Frame 88FB 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad0c39acdff0d18168bbd2294ac5aa128fd845a582b0170b0bcbc79939b600e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62408
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9499
Expires
Wed, 18 May 2022 06:45:43 GMT
/
id.a-mx.com/sync/ Frame 613D 		106 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/&u=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/&v=6.8.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3029727da8b83ca2008b89508ba307d5863ca785b87b66b7280e76f544be9592

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 13:25:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQyUb%2BwwQGKwoIO71AfBN87ejvYCLVhQqJVrKVOmic9FtYcUWV6vIdg9CF9kYzM2MQjrpDxF5tv8R9DDyRVjMkG1iSqbHiD07%2BpR2m4pigFw5TTtVtJqO%2BCXW2UbjNG0Fi919mLqih2nUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
70ccae1389ad9a3f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
f
fid.agkn.com/ Frame 613D 		151 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.84.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-84-186.us-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
9ceb29aeca12f186cdc4c6e7bb7ac6313f565918d5e9b52a79c11611ef6c2d0b

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/javascript;charset=iso-8859-1
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 901D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32340
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 489906
X-Served-By
cache-lga13628-LGA, cache-hhn4051-HHN
X-Timer
S1652793936.933642,VS0,VE0
/
onetag-sys.com/usync/ Frame FD85 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1652793932543
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame 5390 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 4C9C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13395636
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 13:25:35 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
pd
u.openx.net/w/1.0/ Frame 14BD 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 13:25:35 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E145 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33231
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 13:25:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 17 May 2022 22:39:26 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 89FA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14130/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 13:25:35 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame A133
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YoOiTwgY4IhUp3ZYtM7cHQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAaZzwcR1f2xbKsIYnp1tts&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAaZzwcR1f2xbKsIYnp1tts&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAaZzwcR1f2xbKsIYnp1tts&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A133 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A133 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YoOiTwgY4IhUp3ZYtM7cHQAABKkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A133
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cHQAABKkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cHQAABKkAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cHQAABKkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
H1DD577YC129EY4JQ505
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C7JTS2MFGE604MYR8VKY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cHQAABKkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.taboola.com/sg/indexscod/1/cm/ Frame A133 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YoOiTwgY4IhUp3ZYtM7cHQAA%261193
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25548
/
csync.loopme.me/ Frame A133 		0
0
crum
dsum-sec.casalemedia.com/ Frame A133
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

date
Tue, 17 May 2022 13:25:36 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame A133
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 17 May 2022 13:25:36 GMT
server
nginx/1.20.0
content-length
76
htw-pixel.gif
js-sec.indexww.com/ht/ Frame A133 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoOiTwgY4IhUp3ZYtM7cHQAA%261193
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:35 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3293
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 14:20:28 GMT
async_usersync
ib.adnxs.com/ Frame 29D7 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:35 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5e4e4bd0-3e25-42ba-a397-03d00c06c882
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B3D1 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
023ac517a48eabc2ea5192a707407d64652ce20c31b284fa2fe28a1870c0c854

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1773
Content-Type
text/html
Date
Tue, 17 May 2022 13:25:35 GMT
Dropped-Udsids
46|73|3|4|13|190|24|218
Expires
Tue, 17 May 2022 13:25:35 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usync.js
eus.rubiconproject.com/ Frame 89FA 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad0c39acdff0d18168bbd2294ac5aa128fd845a582b0170b0bcbc79939b600e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62407
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9499
Expires
Wed, 18 May 2022 06:45:43 GMT
async_usersync
ib.adnxs.com/ Frame 901D 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cbbb9f93-9306-4587-b399-76e7dfabf0b3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 04FD 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7556eb1b9c2dc9d89206ed6cdcf394275230205ef4e0c4195ef353da71223a34

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1682
Content-Type
text/html
Date
Tue, 17 May 2022 13:25:36 GMT
Dropped-Udsids
46|73|3|4|18|195|196|24
Expires
Tue, 17 May 2022 13:25:36 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
getuid
secure.adnxs.com/ Frame B3D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
YoOiTwgY4IhUp3ZYtM7cHQAABKkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B3D1 		43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YoOiTwgY4IhUp3ZYtM7cHQAABKkAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:cba9:630b:f07c:688c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame B3D1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=909b6283-a250-4800-b4ca-e24421e480a9&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=909b6283-a250-4800-b4ca-e24421e480a9&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

Date
Tue, 17 May 2022 13:25:36 GMT
Server
MT3 4409 ba5503e master cdg-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=909b6283-a250-4800-b4ca-e24421e480a9&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 17 May 2022 13:25:35 GMT
rum
dsum-sec.casalemedia.com/ Frame B3D1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2714794568175277182
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2714794568175277182
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2714794568175277182
pragma
no-cache
date
Tue, 17 May 2022 13:25:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame B3D1
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 13:25:38 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Tue, 17 May 2022 13:25:38 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
getuid
ib.adnxs.com/ Frame B3D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
/
csync.loopme.me/ Frame B3D1 		0
0
ibs:dpid=23728&dpuuid=YoOiTwgY4IhUp3ZYtM7cHQAA%261193
dpm.demdex.net/ Frame B3D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YoOiTwgY4IhUp3ZYtM7cHQAA%261193?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.145.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-145-37.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B3D1 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoOiTwgY4IhUp3ZYtM7cHQAA%261193
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:36 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3292
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 14:20:28 GMT
getuid
secure.adnxs.com/ Frame 04FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
YoOiTwgY4IhUp3ZYtM7cHQAABKkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 04FD 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YoOiTwgY4IhUp3ZYtM7cHQAABKkAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:cba9:630b:f07c:688c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 04FD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ded86283-a250-4400-9191-a00cea6a4e74&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ded86283-a250-4400-9191-a00cea6a4e74&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

Date
Tue, 17 May 2022 13:25:36 GMT
Server
MT3 4409 ba5503e master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ded86283-a250-4400-9191-a00cea6a4e74&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 17 May 2022 13:25:35 GMT
rum
dsum-sec.casalemedia.com/ Frame 04FD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2642736974137349246
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2642736974137349246
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2642736974137349246
pragma
no-cache
date
Tue, 17 May 2022 13:25:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 04FD
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668691536&external_user_id=ccdfc78f-9f8e-45ec-ad5f-d4dba22d150a
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668691536&external_user_id=ccdfc78f-9f8e-45ec-ad5f-d4dba22d150a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668691536&external_user_id=ccdfc78f-9f8e-45ec-ad5f-d4dba22d150a
date
Tue, 17 May 2022 13:25:36 GMT
access-control-allow-origin
*.casalemedia.com
content-length
157
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 04FD
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3acf579c-823a-4624-9a7a-2900c4c1e276
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3acf579c-823a-4624-9a7a-2900c4c1e276
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3acf579c-823a-4624-9a7a-2900c4c1e276
date
Tue, 17 May 2022 13:25:36 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 04FD
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 13:25:36 GMT

Redirect headers

date
Tue, 17 May 2022 13:25:36 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
/
csync.loopme.me/ Frame 04FD 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 04FD 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoOiTwgY4IhUp3ZYtM7cHQAA%261193
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-29-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 13:25:36 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3292
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 14:20:28 GMT
match
c1.adform.net/serving/cookie/ Frame C6C8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=242421FC-1227-4223-BB5A-E49A2094C76E
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=242421FC-1227-4223-BB5A-E49A2094C76E
35 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=242421FC-1227-4223-BB5A-E49A2094C76E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 17 May 2022 13:25:36 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 17 May 2022 13:25:36 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=242421FC-1227-4223-BB5A-E49A2094C76E
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 978B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ded86283-a250-4400-9191-a00cea6a4e74&gdpr=0&gdpr_consent=
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ded86283-a250-4400-9191-a00cea6a4e74&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 May 2022 13:25:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug017:0:1147

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 17 May 2022 13:25:36 GMT
Expires
Tue, 17 May 2022 13:25:35 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4409 ba5503e master cdg-pixel-x33 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ded86283-a250-4400-9191-a00cea6a4e74&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame EB1C
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3932179186703202776
42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3932179186703202776
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 May 2022 13:25:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug009:0:432

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3932179186703202776
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 9689 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:25:35 GMT
expires
Tue, 17 May 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
605525
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame F4BD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7098695902156224653
42 B
545 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7098695902156224653
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 May 2022 13:25:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug002:0:462

Redirect headers

Connection
keep-alive
Date
Tue, 17 May 2022 13:25:36 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7098695902156224653
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EFF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JCQh_BInQiO7WuSaIJTHbg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
104.92.100.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:36 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=33230
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Tue, 17 May 2022 22:39:26 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame EFF7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ded86283-a250-4400-9191-a00cea6a4e74
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ded86283-a250-4400-9191-a00cea6a4e74
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 17 May 2022 13:25:36 GMT
Server
MT3 4409 ba5503e master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ded86283-a250-4400-9191-a00cea6a4e74
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 17 May 2022 13:25:35 GMT
generic
match.adsrvr.org/track/cmf/ Frame EFF7
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=242421FC-1227-4223-BB5A-E49A2094C76E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame EFF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjQyNDIxRkMtMTIyNy00MjIzLUJCNUEtRTQ5QTIwOTRDNzZF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:36 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug012:0:856
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EFF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQCM_Gdw1fdasO6QooqFlU&google_cver=1
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQCM_Gdw1fdasO6QooqFlU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:35 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug010:0:748
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQCM_Gdw1fdasO6QooqFlU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame EFF7 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 16 May 2022 13:25:36 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EFF7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3491808872652517208
42 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3491808872652517208
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:35 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug011:0:517
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3491808872652517208
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame EFF7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame EFF7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4820332596612522662&gdpr=0&gdpr_consent=
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4820332596612522662&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:35 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug008:0:4485
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bd323791-4ff6-4128-9982-ab05c45e183a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4820332596612522662&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EFF7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MqcjwWWnLsIpoCqUNqc2wT2lL8Qp93mRZqIsQNl4
42 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MqcjwWWnLsIpoCqUNqc2wT2lL8Qp93mRZqIsQNl4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:35 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug020:0:438
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MqcjwWWnLsIpoCqUNqc2wT2lL8Qp93mRZqIsQNl4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
242421FC-1227-4223-BB5A-E49A2094C76E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame EFF7 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/242421FC-1227-4223-BB5A-E49A2094C76E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:cba9:630b:f07c:688c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
async_usersync
ib.adnxs.com/ Frame A4C0 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f472be5a-31b7-44cf-bdfb-5627c8b53121
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 83F3 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
56fef7dc-6cce-43af-bb4f-bf79e95657fd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 29D7 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:36 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dc356c46-6904-40c7-9c3f-fed7076df9b4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 901D 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:37 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6ae15d15-89ca-48a0-b0c9-fc885d16e7bb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
st
capi-tier-2-us-east-2.connatix.com/tr/ Frame 08BF 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/st?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
SPug
simage4.pubmatic.com/AdServer/ Frame EFF7 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157898&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 09:44:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
st
capi-tier-2-us-east-2.connatix.com/tr/ Frame BEF5 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/st?v=162633
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.49.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-49-176.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 17 May 2022 13:25:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
PugMaster
image6.pubmatic.com/AdServer/ Frame 3803 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57624753&p=157898&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
271b323a4034fd6c4bae967f24900e8c99655a204662def18237f040662851d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:38 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame D07D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoOiUgACAXd_9AAo&gdpr=0&gdpr_consent=&_test=YoOiUgACAXd_9AAo
1 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoOiUgACAXd_9AAo&gdpr=0&gdpr_consent=&_test=YoOiUgACAXd_9AAo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 13:25:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug002:0:408

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 17 May 2022 13:25:39 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoOiUgACAXd_9AAo&gdpr=0&gdpr_consent=&_test=YoOiUgACAXd_9AAo
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4063-HHN
x-timer
S1652793939.061720,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame A2C5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JptUsi5RTYdovlr8Rw_Rgtly2hw
0
0
adx
match.prod.bidr.io/cookie-sync/ Frame EBB0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFER3IwN0ZCMFVBQUVYYTFEODNiUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
0
0
/
csync.loopme.me/ Frame AC2F 		0
0
pub
matching.truffle.bid/sync/ Frame FEE0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 17 May 2022 13:25:39 GMT
Server
nginx/1.21.6
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame 2829 		0
0
Artemis
aud.pubmatic.com/AdServer/ Frame 3803
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=242421FC-1227-4223-BB5A-E49A2094C76E&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=242421FC-1227-4223-BB5A-E49A2094C76E&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=242421FC-1227-4223-BB5A-E49A2094C76E&addseg=19,36,42
0
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 3803
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=242421FC-1227-4223-BB5A-E49A2094C76E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=242421FC-1227-4223-BB5A-E49A2094C76E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=242421FC-1227-4223-BB5A-E49A2094C76E&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:36 GMT
frontend-id
14
location
/pubmatic/1/info2?sType=sync&sExtCookieId=242421FC-1227-4223-BB5A-E49A2094C76E&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3803 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=242421FC-1227-4223-BB5A-E49A2094C76E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
70ccae259c199b28-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 3803
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=242421FC-1227-4223-BB5A-E49A2094C76E
  • https://a.audrte.com/p
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 3803
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=242421FC-1227-4223-BB5A-E49A2094C76E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4PWlqLlE2uV_DNZwqE8snyx3V9OQyvw-~A&gdpr=0&gdpr_consent=
0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4PWlqLlE2uV_DNZwqE8snyx3V9OQyvw-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4PWlqLlE2uV_DNZwqE8snyx3V9OQyvw-~A&gdpr=0&gdpr_consent=
date
Tue, 17 May 2022 13:25:39 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 3803
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9c542e50-cc8c-4e86-b189-fef6e9c77045&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_a89608d9-8e92-4330-a503-d3a57d288dd2&bsw_param=9c542e50-cc8c-4e86-b189-fef6e9c77045&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9c542e50-cc8c-4e86-b189-fef6e9c77045&gdpr=&gdpr_consent=&gdpr_pd=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3803
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9c539778-51cf-4572-837f-0e035d02b3b2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9c539778-51cf-4572-837f-0e035d02b3b2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:38 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug006:0:373
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9c539778-51cf-4572-837f-0e035d02b3b2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 17 May 2022 13:25:38 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 3803
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2714794568175277182&gdpr=0&gdpr_consent=&us_privacy=
1 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2714794568175277182&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:37 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug020:0:281
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2714794568175277182&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 17 May 2022 13:25:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 3803 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=242421FC-1227-4223-BB5A-E49A2094C76E&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3803
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4820332596612522662
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4820332596612522662
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:38 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug002:0:341
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 13:25:38 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b15ae82d-2010-41a8-a5bc-d2673fb2f1d2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4820332596612522662
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8096 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59105826&p=157898&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c5a1dfc90472c0e0b16c611604a7b5c1d6c2fbeedf1fc96178d24e36d844f99a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:38 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame E145 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10381417&p=157898&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:25:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
i.match
s.tribalfusion.com/z/ Frame 09E9
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
0
0
cookiesync
core.iprom.net/ Frame A0A1 		0
0
/
pixel-eu.onaudience.com/ Frame 69C3
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
0
0
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame F52A
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=05d8ab0f-f35f-4109-ab26-d52632a4602e-tuct97d27d3&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=05d8ab0f-f35f-4109-ab26-d52632a4602e-tuct97d27d3&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Tue, 17 May 2022 13:25:39 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4067-HHN
x-timer
S1652793939.324470,VS0,VE9

Redirect headers

accept-ranges
bytes
content-length
0
date
Tue, 17 May 2022 13:25:39 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=05d8ab0f-f35f-4109-ab26-d52632a4602e-tuct97d27d3&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4047-HHN
x-timer
S1652793939.120799,VS0,VE9
x-vcl-time-ms
9
Pug
simage2.pubmatic.com/AdServer/ Frame 6919
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1652793939136
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
0
0
141
match.deepintent.com/usersync/ Frame 0BAE 		0
0
usersync
match.bnmla.com/ Frame 1A4D 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame C110
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:326F174BAE7742FBB30AD9523F839E8D
1 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:326F174BAE7742FBB30AD9523F839E8D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 13:25:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug014:0:378

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Tue, 17 May 2022 13:25:39 GMT
expires
Mon, 16 May 2022 13:25:39 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:326F174BAE7742FBB30AD9523F839E8D
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame D4C9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EhyLrzB91NQXcL5&gdpr=0&gdpr_consent=
0
0
cr
cr.frontend.weborama.fr/ Frame 8096
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2080433080
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2080433080
Protocol
H3
Server
34.111.129.221 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:38 GMT
via
1.1 google
last-modified
Tue, 17 May 2022 13:25:39 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:38 GMT
via
1.1 google
last-modified
Tue, 17 May 2022 13:25:39 GMT
server
Weborama Collect Frontend
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2080433080
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 8096
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=242421FC-1227-4223-BB5A-E49A2094C76E&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=242421FC-1227-4223-BB5A-E49A2094C76E&gdpr=0&gdpr_consent=&ct=y
0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8096 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:38 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 8096 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:25:39 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 8096 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JptUsi5RTYdovlr8Rw_Rgtly2hw
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
aud.pubmatic.com
URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=242421FC-1227-4223-BB5A-E49A2094C76E&addseg=19,36,42
Domain
a.audrte.com
URL
https://a.audrte.com/p
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9c542e50-cc8c-4e86-b189-fef6e9c77045&gdpr=&gdpr_consent=&gdpr_pd=
Domain
s.tribalfusion.com
URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync
Domain
pixel-eu.onaudience.com
URL
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EhyLrzB91NQXcL5&gdpr=0&gdpr_consent=
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=242421FC-1227-4223-BB5A-E49A2094C76E&gdpr=0&gdpr_consent=&ct=y
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| Coral function| setImmediate function| clearImmediate object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart function| ttd_dom_ready function| TTDUniversalPixelApi object| Fusion string| googleAnalytics string| gaTitle object| globalContent object| XML_CHAR_MAP function| escapeXml string| siteName object| authors string| articletags string| GoogleAnalyticsObject function| ga object| dataLayer object| homepage object| isAdmin string| section object| _sf_async_config string| cbSectionsVal string| authorName string| headlines undefined| hotTopic number| _sf_startpt object| _cbq number| _sf_endpt function| x00_0x1aa1 function| x00_0x1b93 function| x00_0x1f86 function| x00_0x7e8a object| _Scanner object| _cb_shared object| idOne object| idTwo undefined| appId function| twq object| queryly object| searchPage object| CoralCount object| react object| React object| ReactDOM object| PropTypes object| scCGSHMRCache object| StyledComponents object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| pSUPERFLY_mab object| pSUPERFLY function| cnx object| c object| apstag function| cnxps object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| _cbm string| env string| pianoPush string| meteredParam boolean| isMetered string| cloudFlare object| sltribDeployment object| tp object| tags string| firstPublishedDate boolean| isSponsored object| sites undefined| __CSP_NONCE object| Osano object| litHtmlVersions object| google_tag_manager object| twttr function| $ function| jQuery string| ssaUrl function| fbq function| _fbq function| admiral boolean| apstagLOADED undefined| google_measure_js_timing function| BlockAdBlock object| blockAdBlock boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG object| cX function| ___tp function| onYouTubeIframeAPIReady function| 4dm1r11545242527 object| PianoESPConfig object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| cnx_usr_storage object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins number| google_global_correlator object| closure_lm_693265 object| closure_lm_137407 number| BOOMR_onload object| GoogleGcLKhOms object| confiant number| lnt_z object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| cnxAddEventListener

92 Cookies

Domain/Path Name / Value
www.sltrib.com/ Name: arc-country
Value: DE
.sltrib.com/ Name: AKA_A2
Value: A
www.sltrib.com/ Name: akaas_AS_sltrib_sltrib_prod
Value: 2147483647~rv=38~id=0e83cddc9ea74b3f2d249003f5e229c9
www.sltrib.com/ Name: _cb_ls
Value: 1
www.sltrib.com/ Name: _cb
Value: 0Dlg5Cg6TvsCd5PmZ
www.sltrib.com/ Name: _chartbeat2
Value: .1652793927699.1652793927699.1.BDhPSICeR72JDYIXG5jmFnYByQIw8.1
www.sltrib.com/ Name: _cb_svref
Value: null
.sltrib.com/ Name: _ga
Value: GA1.2.1494881405.1652793928
.sltrib.com/ Name: _gid
Value: GA1.2.1643013943.1652793928
.t.co/ Name: muc_ads
Value: 3bf02a72-dd9e-4e0e-a68f-b50c80aac4e1
.twitter.com/ Name: personalization_id
Value: "v1_pPEfYvkueN49ugsn30j75Q=="
www.sltrib.com/ Name: __adblocker
Value: false
.piano.io/ Name: __cf_bm
Value: ATuv_lpgzN.JXPq_FwS37Z4yYvGb52j_K90IVOX3_2g-1652793928-0-AXEGQmrOqpRghIiIY1+woUiI7X+FAXwRC46ITmgLQDc9YSAlQPhDz/9ytF/SlAF0/ICeOq6naCV31DfdGBHz7Kw=
.sltrib.com/ Name: __tbc
Value: %7Bkpex%7DGmmCyT-gaBGEgTR7-yvifzjSOhiA8P8X7OD0Gbr26_a5pf0_vV9rLVpkglB9hydZ
.sltrib.com/ Name: cX_P
Value: l3a6tx4d5ge6aou7
www.sltrib.com/ Name: __pat
Value: -21600000
.sltrib.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-l3a6tx4riqwzc13r%22%2C%22domain%22%3A%22.sltrib.com%22%2C%22time%22%3A1652793928755%7D
.sltrib.com/ Name: xbc
Value: %7Bkpex%7DV8x7OMfjdmS8hB-kAziBB7Di1Vfe-ZRDi4lgtXF6l0VIOSoXMlqK5szpPrKEKM-Nu8QuCaW_b4rGw-PS6lnkutjn6N4q9FsnrMVYS-ySBcl5R4VY8t_ZnmfmPyLrq1P1GvSjbskO9LhEGBwNpQ46CskUR-0x6-t_G5PLsCag_Lq0DqOKXiO3JjRiT0y-OygyZsbbRQMzh7tFYoHCtJ4D1Q
.doubleclick.net/ Name: IDE
Value: AHWqTUmVTitAqOdHj8yC3FBfKk_Jq8ma3HD1XuC37YvaVqXavgr6zpPx3l7MI7M1J0I
.tinypass.com/ Name: ch_sid
Value: hXU4alavw342QtQ
.tinypass.com/ Name: LANG
Value: en_US
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.sltrib.com/ Name: __pil
Value: en_US
m.stripe.com/ Name: m
Value: 9eddd75a-76bf-47bb-9c54-e12c4e804460fb1f7c
www.sltrib.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.sltrib.com/ Name: _pubcid
Value: 5127c063-3a13-46e8-adb5-e612903fc64c
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s56132|YoOiT
.rubiconproject.com/ Name: khaos
Value: L3A6TZMV-1C-6WD6
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB29lWKqU6lyh7U1ZxogGjlwOA+xFj1I9sdCW7L1Z9UHRhjqPT6rF9KLHYM/snKjPsfU6lfw7T/nm8xuhZpbWKLtSO1Kqm/rGnA=
.adnxs.com/ Name: uuid2
Value: 4820332596612522662
.sltrib.com/ Name: _gat_pianoTracker
Value: 1
www.sltrib.com/ Name: cto_bidid
Value: juf4UF9kd1o1JTJCRkRsYVpuMFVCNFczcmQ0bnI3eHEzOSUyRjRGYVRVUHZnb3hNUUp3SmtGNFczbm01VW1XZDk2bklwVVJpbjdhWFZPN1hwbll2VmQ5TDloYkZaTWclM0QlM0Q
www.sltrib.com/ Name: cto_bundle
Value: VAWYc19hRTlyTzBtd1BpSmJ0T2QwT09XVWhDdWElMkJ5NkNmRyUyQlRlaFhoRG9sN2R5eE1FZEo1cUMyRW9ES3RqYU5kMiUyQlIyRUx4S29FQkMxNENUWnFJU2l3eXBlV1NsWDk4bGp6S0RVem5KS3dkbzk4RVdtWVdkQUIwRCUyQnBJMkw1anpmZHI0
.adnxs.com/ Name: icu
Value: ChgItoN7EAoYAiACKAIwzMSOlAY4AkACSAIQzMSOlAYYAQ..
prebid.a-mo.net/ Name: __amc
Value: 2_1652793931_1652793932
.sltrib.com/ Name: __gads
Value: ID=33f411bc0ab0df7d:T=1652793932:S=ALNI_Mb7rCMgFyeT62FSY3b22jX6zESppQ
.sltrib.com/ Name: __gpi
Value: UID=00000661a9c9df63:T=1652793932:RT=1652793932:S=ALNI_Maj1Euu5EDAeCvoVuSFNVVQcIer1w
.ad-srv.net/ Name: u8x7eovwf3h6_uid
Value: dbc772647d07e087
.ad-srv.net/ Name: v0rur7gqspb3_uid
Value: a06c0d028fbfcda7
.doubleclick.net/ Name: DSID
Value: NO_DATA
www.sltrib.com/ Name: _lr_retry_request
Value: true
www.sltrib.com/ Name: _lr_env_src_ats
Value: false
.awin1.com/ Name: awpv14098
Value: 559379|1652793933|d49ea7f0-d5e4-11ec-a3bf-2261f125a1e5
.awin1.com/ Name: AWSESS
Value: 379079:2519508
www.sltrib.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-05-17T13%3A25%3A33%22%7D
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMPS
Value: 5200
.casalemedia.com/ Name: CMID
Value: YoOiTwgY4IhUp3ZYtM7cHQAA
.casalemedia.com/ Name: CMPRO
Value: 1193
.casalemedia.com/ Name: CMST
Value: YoOiT2KDolAA
ads.stickyadstv.com/ Name: UID
Value: 1f6c9f8ea2b6f53fd657e74d9215f9d
ads.stickyadstv.com/ Name: sessionId
Value: 9dc0a27f4954de5f258ab5ae612f54
ads.stickyadstv.com/ Name: uid-bp-34673
Value: YoOiTwgY4IhUp3ZYtM7cGwAA&1182
.yahoo.com/ Name: A3
Value: d=AQABBFCig2ICECM8JEbTBJ3i5LzsbrOgHf4FEgEBAQHzhGKNYgAAAAAA_eMAAA&S=AQAAAiGiW6URhMteaRbNg1dISus
.agkn.com/ Name: ab
Value: 0001%3AYWeJz02FqhhX88hvc7wpxRyZOh3blsWw
www.sltrib.com/ Name: pbjs_fabrickId
Value: %7B%22fabrickId%22%3A%22E1%3A3Ssg7_0MonymrFEUTA19FiHRZPyTVgVqQOvSOk9NTeyKcA2TIEDsUTtvKDN628C2nqEi0ywd9QWbMml8C19Kh-Z1XlvqEIKJNykxqPUCQjtGSDS9yuwj5NsmuX42UCFF%22%7D
.turn.com/ Name: uid
Value: 2714794568175277182
.mathtag.com/ Name: uuid
Value: ded86283-a250-4400-9191-a00cea6a4e74
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6756ff07-c779-4796-8888-aa1ad623ab72"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTI3OTM5MzY7MjswMjEOfdmCpX0zs1aGmA+3+zrzCuxe6DXdT7KY32U1WZLzEA==
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2627:u=1:x=1:i=1652793936:t=1652880336:v=2:sig=AQEFk4i5rPROB4_YE2i3_KrwU-c1_IRs"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 242421FC-1227-4223-BB5A-E49A2094C76E
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 157898:2
.pubmatic.com/ Name: DPSync3
Value: 1653955200%3A201_197_219%7C1652832000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1654041600%3A35%7C1655337600%3A203%7C1653955200%3A3_71_220_21_13_7_161_54_56_8
.adfarm1.adition.com/ Name: UserID1
Value: 7098695902156224653
.quantserve.com/ Name: d
Value: EPIBCwGUJvijAA
.quantserve.com/ Name: mc
Value: 6283a250-51f22-39046-bbcb7
.simpli.fi/ Name: suid
Value: 326F174BAE7742FBB30AD9523F839E8D
.de17a.com/ Name: guid2
Value: 1.3932179186703202776
.adform.net/ Name: C
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A3KYLsE4REaRis4pdatYbfE
.company-target.com/ Name: tuuid
Value: ccdfc78f-9f8e-45ec-ad5f-d4dba22d150a
.company-target.com/ Name: tuuid_lu
Value: 1652793936
.adform.net/ Name: uid
Value: 3491808872652517208
.casalemedia.com/ Name: CMRUM3
Value: 276283a24f0b40&126283a2502760ccdfc78f-9f8e-45ec-ad5f-d4dba22d150a&0d6283a2502760%7Bamob_user_id%7D&696283a25005a00&c36283a2502760av-3acf579c-823a-4624-9a7a-2900c4c1e276&e66283a24f2760&c46283a25005a0&2e6283a25005a0&496283a25005a0&036283a2502760ded86283-a250-4400-9191-a00cea6a4e74&1a6283a24f05a0&f16283a24f05a0&2d6283a2502760CAESEAaZzwcR1f2xbKsIYnp1tts&046283a25005a0&186283a25005a0
.onaudience.com/ Name: cookie
Value: 519760cb1c4083a3
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1652793936
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-MqcjwWWnLsIpoCqUNqc2wT2lL8Qp93mRZqIsQNl4&KRTB&19420-MqcjwWWnLsIpoCqUNqc2wT2lL8Qp93mRZqIsQNl4&KRTB&22979-MqcjwWWnLsIpoCqUNqc2wT2lL8Qp93mRZqIsQNl4
.pubmatic.com/ Name: PUBMDCID
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3932179186703202776
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFQCM_Gdw1fdasO6QooqFlU&KRTB&16514-CAESEFQCM_Gdw1fdasO6QooqFlU&KRTB&23025-CAESEFQCM_Gdw1fdasO6QooqFlU
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4820332596612522662&KRTB&23339-4820332596612522662
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7098695902156224653&KRTB&23369-7098695902156224653
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3491808872652517208&KRTB&23263-3491808872652517208
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:ded86283-a250-4400-9191-a00cea6a4e74&KRTB&16736-uid:ded86283-a250-4400-9191-a00cea6a4e74&KRTB&23019-uid:ded86283-a250-4400-9191-a00cea6a4e74&KRTB&23208-uid:ded86283-a250-4400-9191-a00cea6a4e74
.pubmatic.com/ Name: PugT
Value: 1652793936

10 Console Messages

Source Level URL
Text
network error URL: https://www.sltrib.com/pf/api/v3/content/fetch/coral-comments?query=undefined&d=283&_website=sltrib
Message:
Failed to load resource: the server responded with a status of 500 ()
other warning URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
javascript warning URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Message:
The resource https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Message:
The resource https://adservice.google.de/adsid/integrator.js?domain=www.sltrib.com was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Message:
The resource https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

037b897051a5461837b5448e268cb815.safeframe.googlesyndication.com
7715dbe6c408e34029715297bac003c8.safeframe.googlesyndication.com
8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
a.audrte.com
a9057ce09a310b0512d074bcdf55f261.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ab39ef3ae26ed11d28281cd0aec9818b.safeframe.googlesyndication.com
acdn.adnxs.com
ad.ad-srv.net
ad.turn.com
ad14.ad-srv.net
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ams1-ib.adnxs.com
analytics.twitter.com
analyticssystems.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
aud.pubmatic.com
bttrack.com
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.adnxs.com
cdn.ampproject.org
cdn.contentspread.net
cdn.tinypass.com
cdn1.opstag.com
cdnjs.cloudflare.com
cds.connatix.com
click.oi.com.br
clickserv.basis.net
clickserv.sitescout.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.osano.com
confiant-integrations.global.ssl.fastly.net
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d.adroll.com
d3plfjw9uod7ab.cloudfront.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
expansioneggnog.com
experience.tinypass.com
f42ba5b851365cd3b94302d5042bf5f4.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fid.agkn.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id.sltrib.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
js-sec.indexww.com
js.adsrvr.org
js.stripe.com
local.sltrib.com
log.outbrainimg.com
m.stripe.com
m.stripe.network
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
media.kaspersky.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
onetag-sys.com
os4m-d.openx.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-a.basis.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
protected-by.clarium.io
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
q.stripe.com
rtb.gumgum.com
s.amazon-adsystem.com
s.company-target.com
s.go-mpulse.net
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sltrib.coral.coralproject.net
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.taboola.com
t.co
tcheck.outbrainimg.com
tm.ad-srv.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
vid.connatix.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
www.queryly.com
www.sltrib.com
a.audrte.com
aud.pubmatic.com
cm.adgrx.com
core.iprom.net
csync.loopme.me
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
pixel-eu.onaudience.com
s.tribalfusion.com
simage2.pubmatic.com
sync.crwdcntrl.net
sync.ipredictive.com
104.111.239.217
104.244.42.197
104.244.42.67
104.36.113.107
104.36.113.24
104.36.115.114
104.89.18.74
104.89.29.100
104.89.8.217
104.92.100.125
108.138.7.103
108.157.1.118
108.157.4.62
13.226.159.202
135.125.160.160
141.226.228.48
141.95.98.68
142.250.185.226
142.250.186.162
145.40.89.200
148.251.45.252
15.197.193.217
15.235.15.221
151.101.1.108
151.101.129.194
151.101.130.137
151.101.130.49
151.101.193.108
151.101.193.44
151.101.194.137
159.65.197.210
162.55.120.196
167.89.123.54
169.50.137.184
176.9.26.250
178.162.133.150
178.250.2.146
178.250.2.151
18.156.0.31
18.190.49.176
18.195.92.214
18.66.248.40
185.183.112.148
185.29.134.244
185.33.220.145
185.33.220.240
185.33.221.14
185.64.190.78
185.85.15.31
192.132.33.46
199.232.188.157
2.18.234.233
2001:678:cb4:bbbb::11
204.237.133.116
209.54.180.144
213.155.156.169
216.152.140.212
216.52.2.30
216.58.212.134
23.205.235.133
23.32.59.34
2600:9000:223c:8800:18:1fcd:351:7bc1
2600:9000:224a:2600:8:48e:53c0:93a1
2600:9000:224a:c800:13:a391:88c0:21
2600:9000:234e:6c00:3:b7e:8940:93a1
2602:803:c004:200::143
2606:4700:10::6816:1857
2606:4700:20::ac43:497c
2606:4700:3030::6815:5476
2606:4700:3032::ac43:cb69
2606:4700::6810:2a41
2606:4700::6811:190e
2606:4700::6811:b7b1
2606:4700::6811:b9b1
2606:4700::6811:bab1
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2006
2a00:1450:400c:c09::9a
2a00:1450:4014:80f::2004
2a02:2638::1c
2a02:26f0:6c00:2b9::11a6
2a02:26f0:f7::5c7b:e150
2a02:fa8:8806:16::1370
2a04:4e42:200::300
2a04:4e42:400::714
2a05:d018:d29:3602:cba9:630b:f07c:688c
2a06:98c1:3121::a
3.88.247.6
34.102.253.54
34.111.129.221
34.120.133.55
35.167.84.186
35.170.106.187
35.201.103.212
35.244.156.29
35.244.159.8
37.157.3.30
51.89.9.252
52.200.210.223
52.49.145.37
52.94.220.185
54.148.50.223
54.171.137.8
54.187.119.242
54.229.167.98
54.36.108.3
66.155.71.150
66.155.71.189
66.155.71.25
69.16.220.201
69.173.144.138
69.173.144.165
70.42.32.223
77.243.60.138
85.114.159.93
002b5234a3dfe3d86b298cfabb8e606c9e0f1afc81ae01738eef694a96658cb7
023ac517a48eabc2ea5192a707407d64652ce20c31b284fa2fe28a1870c0c854
03f828151d98a9c79b64d4a9a3d342a08e3f12623f2c38a1fba5f8984f52d329
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa
05039f413da1ad8b661cec7caf5e95148f064651130497eac9f528e9dbac5feb
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
0680615b6bf188287295e621b64538d8dbabc251c085a13137915a33450f70e1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07d849e5b48ac7b9052bd47262ac20c0e3cac5d8ad3cacd2bd9ee0b4a66d4606
08632418af2bb40bfcf02cd9b4e47ad600d8c71d00362a5742d50a0f9dc19b8e
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09b2536167289d87ce5f56d086073c36eff67c59a2846a23a211a381302aa349
0b32d1f7751a3dac2a1bf5b2cce419242d1426d128a39df493c4bbfe81a70579
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfa346d7611b406e1c95c3ae1c7bd1a9a7c5340a7a197842f0005f7380546be
0d7bcfe9d448ece161270211d83551e97a8b16b0afe4814509348ab6697e3cce
1012e29ae435d41c998ebadc8babb4a03a0b8cf99ca2fd23dc4e3fe90cd8abf9
105bb862cefbb8f28c6fd537b06f906231d68e2bf4aa976c4104a8531428f4a2
10d386969b3dbff354113ea36cdc4be53ed30a0d9bcae60b3796ca83392a3bd9
115c8e44a715762f9234bc80a8037b8dbb5d6ac4345d9905581c1a946bdff866
12b2ca2ef01de02b3228479570c0593d85a71d107526d793433cdea0c6711c2b
1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
18006e8ce2321556f27bdec7992107edaeaf14027b0d031873a3aec1ad703421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1a181e5bf43d3f555957158c2d1d653980d3f82e4cebdc298e9919744a868ed2
1a2aa10e00a16aaa34abb2932d68f6c9ef9cfde6aa63c8bc6f07c72608f04a83
1a5414e59027131d5ac994ba4fe4386b491145f34e86c9ffe90fb7ea968bcf0d
1b4020ad05124908be8df282ab84bc10ce71348dc9829e3872d0f238d1d56570
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ed2823d405ec77e43fbd69fdde03c950235f4a1478c2c06ba852c7d945b799c
1eeaa9afd461c6df55ffad40e5b003b9f2303727cc0276e677cf61bf9023284a
1f0fe80009a01f223e7b8b9a4323f3b7987c8e4cd6b250031eb3b358aab9371f
2083cd1e08892f16bdacb988d287c590a32e3aa131c2bdb56dd9c8e0bf93cb62
2198147c2d9a9d39bddd6cc0ca47288c2889b9f36073ac2870d716822a5ff8f5
21e481f56c6fa1a48ce327318581d19fea7e938d05e32c382bff9033c50bdebf
2241156dc13b923c1f9a14836dd14c1cd33ea355f92028b8a4e1851f4500648b
22bc956a539f85eb61b4e61a9601c9cafd7df6b5caf2b119c0e142fce86a50e3
22be49ce866a34ae0c3242ea58bd3cedb4084867009cf100e8149d4d0d2eed4a
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880
24a0611f0149e0679ad79ef2b954a1cc135f8c5c8fbfde51db874807a363bb44
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
271b323a4034fd6c4bae967f24900e8c99655a204662def18237f040662851d8
27c8ebb49be0ab43d179c77d633ea682312dedf3d6acb71dd16c66be429508e3
281a1c5996dabee532e69c0be0d9bdef31178f9eb492bd9d96a3d69083894889
293013aaa5dd77f5b2920843bad6f2d13eaaf5bd875ff9e3cfe977ded7d60c6e
29bdeb0973e214bb36bea5caf5d49f56b296cdf0f4008aff9ad07b60ad3e2ecb
2a1819580c8a8e33e0410a705d4f49c2be16f1dc3c632eb5dd075786d0f2cbe1
2b3136fc110394fdd71c97a4df78c9e0e122180153ab031c05b729d40501c8a8
2b4c81a64a48fe07656332d8a9d8ccf614903ce00bf1e39e9579362e04c8bd0e
2ca1198e3b2b27e0e1a962cb9d68a6c29f71a642e8b52fa315dfc47f2a66f784
2d7132fc882688607c74307493f0326b4b3cbf75d94d69cb0a1b4015ffbb7d7e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6e6d3373f51dec53dc3af3fac9a723926e8db2bb737323bf54b48f8ff750f2
3029727da8b83ca2008b89508ba307d5863ca785b87b66b7280e76f544be9592
303b6a75c33eb75d87fa849f4e487db793909833d5313b1d08e4270954ad5374
305705fc54f335a4cce39cb68ab059e7202c19f0ff03d3336ebd3e6fcdcf0518
318802bbb26a15e938d4eb18ddd0a974295b637973cfbabca1c802b972ef32a8
3197c2f53a5e358304712770a37c2765d1ebe08e55afb8375c6328ef4e395d36
319ad22480eaa870561f449f86f870c3e8452e499b2a7e5d64fce6e4dafeffcd
325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947
32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815
334b4836f4fcaa2699b3c8e5e0cd430e5649a9b52d7da0c2bfba70a758ee2481
337de92eee3ee1dc8a0d0bfd8c7f627d71a3ae4b9c2b19ac0ff8eb5fee59fc66
34ecca9420b47088adc9cebd95b79c0883d9907d6ca50476810b9663453e45f4
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d
37f3f9b7acb35ac8d20a5cc2e3b611d56073a09b5249d43747efd6e37eddaf6f
3833acbf9657d481c9cb8de56cc1b9bf92c69564b0d8ef01239e0927550f5db8
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3ad0c39acdff0d18168bbd2294ac5aa128fd845a582b0170b0bcbc79939b600e
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a
3ca1ddf5346b4dc8822bcdad8f9ab4da178980f27825e0c7911e6c61e4aec595
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5fce810a506822eedbf33946b50aac5c1898f3789343a7f3ca5008270ce0c2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c
41e3923f4d930aa1d58f18c785ba189e7944070656b0480532787d2447dc72d8
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43735e5b2ae280a3cb398ca23aed6a5ce03c31ceb9e5cdb93685f58a45e226cf
462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4
46f3d37fe2b3a197aa65ff6cd86f59bf7f911686e7936637f5c3d7cfefd5ecb7
47e8ddb626a8043f3cf03cb46b4dea49075c693484f5899822656bc4d00ebe1c
4851a7dc2b9f3b034271acc1beed8105403e004bd61d3a0c3cdb0165c8048826
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49d24c201a7d4ae4754309691655aca7c38b3d09dc6d7528e9201bbcfb4354b2
4a310f3bd2c5387ef4ed9954af867011cdb0766de3f92f093e5bd00884db7178
4be319fc7e78bf1beb5b73bb76e33e445bf3170ebcd66fd72639743115287a2a
4c5c37f9da27f0fe5bcb0ea7f8582d754e7e6333dc53c692ad0e2d3a11940158
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1b4134b217a07b46291761f6fce409fc75e7f934c065203710bd93b286e02e
4f19ec18175b0631e9c5d0f2adf42f0fd7742019915f8e06b379ceb1500f13a6
4f820f0ef60feea0b9127f668b9fb37ed82e6f9265859d43a826336cf428f507
50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4
51e828bc578ff545411903bb74163dd40d80b8f4b8bb1c957d073f629f1d43e1
52b5743e5facf3244e56c37fecbf982d813c9e8383ac3db9478c05d09d826074
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55783d0a97f6c534aaf39db045ce366c6d0e1f0bad65006ccd6d5affb72f2621
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5667221d6dbbbcd25aad22b734bb02b2afa806492457c6d41396b6a6d6cffd38
56906ec51dea6b7380781f28ef2574e88969b2c67cbfe44dbc3753cdb58442ab
59cc775e7fb39713a3905bff221ac842f5401df67582dcd6e69dc7c4a76a9c0b
5a22f460825a8911b55b0856fd4e2cf0e378621a55dbd6f69b4bf4af3e31ae83
5cae7368b288d75e26f2368ba75b43962fa19df639755766ca2d491397f2f38e
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62146c20958fbadca7d1cd8715cc793e6f5c9eb8697dfc6deb9bdbb7032b5a5a
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
6417ee644995069eafdced034958eab3502a9f3f0babdb637d34db47ae44f7e0
648e43a6922161bd259f3e15038eb15b68d62549fd30fa7c2397b75e369d7da6
64bff75a60c41b34a4deb9ce811a1e48a1b17bc3d3624715354764f6ae57cb63
660962d275be7b6fbd78196177490e51aa557dea68d37ae38bbcdd0866e3c76c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c
67efa671ed24be2f691a7c0e078b5ccae36c0efe5d0adeb01cb4291da6d49bb3
6905d2cac6ab2800387c2ef563162c1d446749a347d51a5ee8057564c9c233bb
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad
6ab1a066ef87014962593021fbbfacc9448b804a390c9b4a566371df8d536148
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70371d6c1d505eff555d75495b130ac081b5bf0a71cef5c48d663f57e88d870c
7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2
72d3bb48505405120796571830ae74c4f871f03a9052d080cde2190aa926b1ee
73462f4632ef44f6cadc5e49791a1883d570ab30c4ffcec4597dd1bf97071404
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
746aaa7650fdffc1ddf1a76e4e47bba344d4ec91362f34527c936dc15495bc0f
750671a89441f6467fe80a4e743aac5914f2b6a2c95376d4922c8fd58f4d6db5
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7556eb1b9c2dc9d89206ed6cdcf394275230205ef4e0c4195ef353da71223a34
7582354aac0b69ddb4805d6c6a5aa500bd1ea1419d1e9180ff7ec248aa75a538
78a827f70fb77230a2c72f8b241e081ba3648013bc771fa46ec0a250238a9c72
78c984ba8c80a05b09fd1bbc943d529de2f36a3aaa0cb082448fd812bf6c945a
78de39db1a19d3ff9647fccfc17fc8014f30f1f9cb6c2168180e36aaa4c60389
79660607c79b54f8f85a8306a0bd01dddc0fff67ca1268593b884838e93b9f18
7ac70197a254546d1b2db193ab647a5306d053b760e007032cb629ce44d799ea
7b8d5a44c6b4708afd90c96895b6fa42f1d43b7e3215bd30733dd517f971c059
7bc9506374314799412409a6dabac3ccc763320779eed5f9382679117dc8a3ba
7c11390ff56a196e93599fa2acd44e7240e790fe5c3df78093e7888d55881ad0
7c207b3ed9feda70543fb75e8d0172f262a909522db37f7e3e22249a075a2760
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd
80f1a4f56e007eea4b548725a662a618675d06325fa2cb74f761023303dd2a35
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f2553a7589b199fa6f98fe65dfffb4f9091769325ce83bd36788154303bf3f
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c
877aaa23a4ad9234fb7466411cb2da4e155d3ead933bc0e64dfd7097b9faf94f
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bc130731976b5d913d5acc8bf28bbfd6114998bf4215f4b52c45aa599ec97b6
8ca993abb5d57bffaa86b09d46cbc1e7832ba18aea38d860799b87fe9f0c8959
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1f4f2c18a58e56a36f6512b2a7d0593de0608c82ae7f8cd2f63d82396bca38
9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82
9212c4fbf0bf6bd00cf75b342a13e35d3cc6e28a3d1c75531ca3d2837432c1ec
93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
96f7d025e95bff8f174129b81143410b21c2a3ed8cbd8e3d3e7ceadd1cfd81ea
99864675faf8dea302b09f4905d80f32a6ca510c9b1118d2692e0df0241c637d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b8650a6daef22196dc04f51fed727224d6405851527c0876180abb085987d7e
9ceb29aeca12f186cdc4c6e7bb7ac6313f565918d5e9b52a79c11611ef6c2d0b
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08d6c1ed904cafae06723b64838bb4bb2ab0df1cf10a0d32c2029829b6764b1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a462af891371d03cd034b9c4ce158acc3d59449b86c8b3184c391d6f152f19ea
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a61b552bd8a8bd0749d32d0ba19a1bef2912f806829da532650edf33bb0ae2ed
a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa21d0ddbc7cb318d1367bab72630267ec09559a269a23672cebf582d36386ca
aa54fe5362322d80647ac687671ad01fe1e2424ae65749dda5d5bbf2a2810cac
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad829f670cd7b9b33afef8a725976bc190b3dba8568d8ea0850ecc71f8023a56
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b007501413ab1a803b1474dde59828d5f0a6d1013968b36267f70ba33baf363b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b292ff3fa0d20f1e09e89b781b051b669b3d9a31c6833e33695cc865f381bac4
b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a
b335094317c5104090170af33221a64064307b66db643f6a65154ed68ba4705d
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6322113217b4fac79ad5b27613c9c66d466e67fad90363e743c87df4843acd7
ba2931934c2563d8594e776d80fbb2c1302ca0d41fcc5bd0cf2567c2aa2c18f6
bbcef88ae35c2f3863474b2f156d29ef99312800918bc06eb7dd811bb3ae504f
be93748736b4c2bea8dcb11c82353e1be9786869c78e4b30935f1226511a4f05
c030652dbe0db9f27711f5bc21254dc2e1fdd3ece626f945512d4557e5c33b90
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2dc8cc2dda9094e3e3042ebdbce7aee0dccddc392d6237306d23394ffc5de97
c2f243136a8398cd6e047cbdc4798fb5f82ff4ad8db7b78e9ed43fb58f429bba
c537ec70e99aa73c84f05fab949197af5fe3ffc83aa2748ec7845f4d9d1b790b
c5a1dfc90472c0e0b16c611604a7b5c1d6c2fbeedf1fc96178d24e36d844f99a
c65114918706da0d963bfa9825759dec6f5ffee2e8a1119e1f1c34fab18bf25c
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c71dee73ece3b8be6d8e408458e1cf484ceb90134a62e180ac49cfe8b93b22fc
c7cea731166b7048c9a3328519c5748d090b2715befacfb9e3564992a42d99fb
c7d2243795283099d8e4a4f40d3378b2db76ac38c45def78835a8ce9d6f9d170
c85a2b364480e5db9371f4173d69fba81a772ed2fd5d68e845c2cd994f1da462
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
ca402f9c39effe12e3d2fa2381846892901314835d02d401f0a338450e23c2e0
cbdc33cc4483bfdb9004913ffc4927c79341bc23fe3db37919c0e51511d77dae
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01c7ea02f591be086a8ace6bb8e070a22f5e0ced512197994b7de6642c742a9
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d3a9e89b3cb897b68573f8724494fcc5a707ae7efb7f05646c7ef42b128db0e6
d59f570178e02f5cf045d3a553fb08d8bb196f4a27101b4708647d0398903529
d7ab0f1e31217960c7bcf0bdb822374271344c75aab4da7825505571e7e9035e
d7b7759040b37582adff4067722273fe68a4a63a2a1db0fd769bb9541ceff058
d902484e0cf777726798bce7167c1a8e823dc89deeea924b075e7ca609f6b7da
d9df2d7dc53654d1a0d153355fba415f8fcd6fcb35e3dbb79c634110dfaaed8d
d9f303e01b280e8e81b30b03070129c03727c56f98173ed68e5b7efae0800d6d
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbf50792c905aaa16b52235e1ee5610fe1cde3d815f48713f3d16d0debd52d6a
dc14648f3b64b2be656327d5e789668718cf765a00edce493f344dc7078361ae
dc997df0b64ce11d20c2798515bb231b0074366b83888f0fc3a5d51c51dec6c2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8e5392178bffdd8ea2e3c5ebe2ba279f6cc2ff1ae218cb84ee871da2dccec6
deb3a41db86aa04ea855a26256fcf79c19829888ab9dec89f330f7f93508067d
e1b1bcbcc0cbe6898cdb66bcc93dfb2a9b0b0469d554e18e71594ad7c63f52c1
e22f0d004d1688a80695e508bd665c621afb5110695b31dc06e28cb0a9cd2b04
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e299ebc7e9d8ba28f03e84211b2cfb5d292eb455c0bc310522934894a8adc3b5
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21
e31dfe3fb7f53bdd539477146e30843035c6d9f1ad16573100c5cf49968cd8f6
e32fe877c0347e9325de654889258db0dfb186cbf4f4f1236d7d37c7c5e279df
e3af51a1fcf56dc24fb76e38742b42e0afb04939e651ece08e098cc2aecf791d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b38139b07f628a5d6288c203b27cf3801e90cc26a88845f3f12ed427f35cd0
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
e7a76e6a18f5731e86e4ca1311256e8d1f46cfbeb9c07fc41db096313168398e
e830075c18978e767ad0edadf6d00767105d90462c1de8bf53f9e8aec16d31ac
e9b1adf91b953d233e612e07669d331da8cc8e5626f64dc3ac9325f1c0b22e6d
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
eac89fef3e543f077daf2726217c21fca3906bdcef9bcfc874a3b86b9ae50c9d
eaf2bd3d92596d7daa1105013ab1a9df04c5638908c58a816aebedd3d299aefd
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dbf9315fbfb1c26334eb6ec61efabf74cec51df84318110f8d1c8c3ae8dc12
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f500e38f31cccd6e39a843d0332dd1129b1bca5aadebcd9f233063e8d3d0f482
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
f7b28bfe32cedf9b2821511b31304e15de2cd44d02c4a7accf2002e59349877d
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
f7d0101f4f881d80f8b7909ff57947d0cce8b0d55d6e7ea0b1f6ad2a560dd6c0
f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787
fe4ac3d8e53e203a57f8cc79f2c58d6988e23a7fbb1dcb5c575aff43cba953c3
ff199d0643a7b625817bef6b7565e6e4e63f784ed2bc8ee897521c42dd2e5508
ff944a61bf770e8a7bbebf211c20bfa92bdbab8dd5a1f718368c34a8dc5e321b