uintacountyherald.com Open in urlscan Pro
2606:4700:3036::ac43:9f0b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uintacountyherald.com/
Effective URL:
https://uintacountyherald.com/
Submission: On December 12 via api (December 12th 2023, 9:11:52 am UTC) from US — Scanned from DE

Summary HTTP 345 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 73 IPs in 10 countries across 58 domains to perform 345 HTTP transactions. The main IP is 2606:4700:3036::ac43:9f0b, located in United States and belongs to CLOUDFLARENET, US. The main domain is uintacountyherald.com.
TLS certificate: Issued by GTS CA 1P5 on October 30th 2023. Valid for: 3 months.

This is the only time uintacountyherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	2606:4700:303... 2606:4700:3036::ac43:9f0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
3	18.66.97.86 18.66.97.86	16509 (AMAZON-02) (AMAZON-02)
31	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	99.86.4.45 99.86.4.45	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::2014	15169 (GOOGLE) (GOOGLE)
1 1	52.5.81.46 52.5.81.46	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:223... 2600:9000:223f:9000:f:c7b3:ce40:93a1	16509 (AMAZON-02) (AMAZON-02)
21	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	51.81.49.106 51.81.49.106	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	18.66.147.37 18.66.147.37	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 3	108.138.26.67 108.138.26.67	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1	130.211.10.17 130.211.10.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.245.80.231 185.245.80.231	62240 (CLOUVIDER...) (CLOUVIDER Clouvider - Global ASN)
3	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
4	18.66.122.107 18.66.122.107	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	18.66.97.21 18.66.97.21	16509 (AMAZON-02) (AMAZON-02)
4	18.66.97.40 18.66.97.40	16509 (AMAZON-02) (AMAZON-02)
10 21	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 10	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:80b::2014	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:90a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
29	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	99.81.22.6 99.81.22.6	16509 (AMAZON-02) (AMAZON-02)
38	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	34.120.58.62 34.120.58.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4	99.81.36.123 99.81.36.123	16509 (AMAZON-02) (AMAZON-02)
1 3	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a388	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2600:9000:223... 2600:9000:223f:5000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7781:4c95:14f6:d804:9c3f	16509 (AMAZON-02) (AMAZON-02)
2	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	69.166.1.64 69.166.1.64	27630 (AS-XFERNET) (AS-XFERNET)
4	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 4	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:9000:211... 2600:9000:211e:ee00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	2a05:d018:d29... 2a05:d018:d29:3605:2964:2b9e:c1c9:93f0	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
2	2.19.217.101 2.19.217.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	3.120.65.116 3.120.65.116	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1 2	52.95.122.74 52.95.122.74	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
345	73

28 2606:4700:3036::ac43:9f0b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

uintacountyherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-86.fra56.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ads-flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-45.fra6.r.cloudfront.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

japfg-trending-content.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.81.46 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-81-46.compute-1.amazonaws.com

www.civicscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:9000:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2zqfs55y95cft.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3062.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.81.49.106 (United States)

ASN16276 (OVH, FR)
PTR: ns1002533.ip-51-81-49.us

ads.empowerlocal.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-37.fra60.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.26.67 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-67.fra56.r.cloudfront.net

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embedcdn.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.10.17 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.10.211.130.bc.googleusercontent.com

www.justapinch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.245.80.231 (Poplar, United Kingdom)

ASN62240 (CLOUVIDER Clouvider - Global ASN, GB)

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.122.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-107.fra60.r.cloudfront.net

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-21.fra56.r.cloudfront.net

img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-40.fra56.r.cloudfront.net

images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.186.98 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.211.116 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

japfg-trending-content.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.22.6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-22-6.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com

www.americanhometownmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.81.36.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-36-123.eu-west-1.compute.amazonaws.com

yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:1b::1724:a388 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:5000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7781:4c95:14f6:d804:9c3f (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

justapinch-com-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.64 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:ee00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:2964:2b9e:c1c9:93f0 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.217.101 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.65.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-65-116.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.26 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.122.74 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	320 KB
45	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	355 KB
41	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139	316 KB
38	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	604 KB
28	uintacountyherald.com 1 redirects uintacountyherald.com	10 MB
21	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 7726 router.infolinks.com — Cisco Umbrella Rank: 2762 rt3062.infolinks.com — Cisco Umbrella Rank: 65923	302 KB
17	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 7459 trends.revcontent.com — Cisco Umbrella Rank: 1899 img.revcontent.com — Cisco Umbrella Rank: 9953 images.revcontent.com — Cisco Umbrella Rank: 8620 yeet.revcontent.com — Cisco Umbrella Rank: 8461	157 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	114 KB
11	adnxs.com 5 redirects cdn.adnxs.com — Cisco Umbrella Rank: 1605 ib.adnxs.com — Cisco Umbrella Rank: 229 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997 secure.adnxs.com — Cisco Umbrella Rank: 478	35 KB
10	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 48	200 KB
9	openx.net justapinch-com-d.openx.net — Cisco Umbrella Rank: 53968 us-u.openx.net — Cisco Umbrella Rank: 491 eu-u.openx.net — Cisco Umbrella Rank: 2473 rtb.openx.net — Cisco Umbrella Rank: 695	2 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
7	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16218 dis.criteo.com — Cisco Umbrella Rank: 550	111 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	414 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	2 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	666 B
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	104 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 60	14 KB
3	sendtonews.com 1 redirects embed.sendtonews.com — Cisco Umbrella Rank: 13026 embedcdn.sendtonews.com — Cisco Umbrella Rank: 14375	4 KB
3	flipp.com p.flipp.com — Cisco Umbrella Rank: 12488
3	empowerlocal.co ads.empowerlocal.co — Cisco Umbrella Rank: 61521	14 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 564	899 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	326 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 546	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 650	630 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567	115 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	515 B
2	servedbyadbutler.com servedbyadbutler.com — Cisco Umbrella Rank: 12568	35 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 544 image6.pubmatic.com — Cisco Umbrella Rank: 793	67 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	133 KB
2	gstatic.com fonts.gstatic.com	95 KB
2	appspot.com japfg-trending-content.uc.r.appspot.com — Cisco Umbrella Rank: 118051 japfg-trending-content.appspot.com — Cisco Umbrella Rank: 61573	5 KB
2	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 13071	111 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	494 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	75 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	584 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	609 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	574 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	237 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339	609 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 2225	916 B
1	americanhometownmedia.com www.americanhometownmedia.com — Cisco Umbrella Rank: 74086	103 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4453	32 KB
1	ads-flipp.com cdn.ads-flipp.com — Cisco Umbrella Rank: 21809	548 B
1	justapinch.com www.justapinch.com — Cisco Umbrella Rank: 73459	22 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	98 B
1	cloudfront.net d2zqfs55y95cft.cloudfront.net
1	civicscience.com 1 redirects www.civicscience.com — Cisco Umbrella Rank: 15038	113 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	75 KB
345	58

	Domain	Requested by
38	s0.2mdn.net	uintacountyherald.com s0.2mdn.net 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
29	imageproxy.eu.criteo.net	ads.eu.criteo.com
28	uintacountyherald.com	1 redirects uintacountyherald.com
24	pagead2.googlesyndication.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com uintacountyherald.com s0.2mdn.net
22	tpc.googlesyndication.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com uintacountyherald.com tpc.googlesyndication.com s0.2mdn.net
21	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com eu-u.openx.net
14	static.criteo.net	ads.eu.criteo.com
10	rt3062.infolinks.com	resources.infolinks.com
10	lh3.googleusercontent.com	uintacountyherald.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	resources.infolinks.com	uintacountyherald.com resources.infolinks.com
7	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com uintacountyherald.com
7	www.googletagservices.com	uintacountyherald.com 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	us-u.openx.net	googleads.g.doubleclick.net eu-u.openx.net
5	dt.adsafeprotected.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
4	ad.doubleclick.net	uintacountyherald.com
4	static.adsafeprotected.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com srcdoc
4	yeet.revcontent.com	assets.revcontent.com
4	images.revcontent.com	uintacountyherald.com
4	googleads.g.doubleclick.net	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	trends.revcontent.com	assets.revcontent.com
4	assets.revcontent.com	uintacountyherald.com assets.revcontent.com
3	ams3-ib.adnxs.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com cdn.adnxs.com
3	www.bing.com	1 redirects 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
3	googleads4.g.doubleclick.net	uintacountyherald.com
3	www.google.com	uintacountyherald.com 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
3	script.hotjar.com	static.hotjar.com script.hotjar.com uintacountyherald.com
3	router.infolinks.com	resources.infolinks.com
3	p.flipp.com	cdn-gateflipp.flippback.com
3	ads.empowerlocal.co	uintacountyherald.com ads.empowerlocal.co
2	aax-eu.amazon-adsystem.com	1 redirects eu-u.openx.net
2	c1.adform.net	2 redirects
2	creativecdn.com	2 redirects
2	eu-u.openx.net	www.americanhometownmedia.com eu-u.openx.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	1 redirects eu-u.openx.net
2	sync.1rx.io	2 redirects
2	s.tribalfusion.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
2	a.tribalfusion.com	2 redirects
2	ap.lijit.com	www.americanhometownmedia.com
2	fw.adsafeprotected.com	1 redirects uintacountyherald.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	rtb.nl3.eu.criteo.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	cdn.confiant-integrations.net	www.googletagmanager.com cdn.confiant-integrations.net
2	ads.eu.criteo.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
2	www.google.de	uintacountyherald.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	servedbyadbutler.com	ads.empowerlocal.co uintacountyherald.com
2	www.google-analytics.com	uintacountyherald.com www.google-analytics.com
2	www.googletagmanager.com	uintacountyherald.com www.google-analytics.com
2	embed.sendtonews.com	1 redirects uintacountyherald.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn-gateflipp.flippback.com	uintacountyherald.com
2	fonts.googleapis.com	uintacountyherald.com client
1	match.adsrvr.org	eu-u.openx.net
1	cms.quantserve.com	1 redirects
1	x.bidswitch.net	eu-u.openx.net
1	rtb.openx.net	eu-u.openx.net
1	secure.adnxs.com	1 redirects
1	ssbsync.smartadserver.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
1	dis.criteo.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
1	dclk-match.dotomi.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
1	r.turn.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	apex.go.sonobi.com	www.americanhometownmedia.com
1	justapinch-com-d.openx.net	www.americanhometownmedia.com
1	www.americanhometownmedia.com	uintacountyherald.com
1	japfg-trending-content.appspot.com	uintacountyherald.com
1	img.revcontent.com	uintacountyherald.com
1	cdn.adnxs.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
1	adsdk.microsoft.com	3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.ads-flipp.com	cdn-gateflipp.flippback.com
1	ads.pubmatic.com	assets.revcontent.com
1	www.justapinch.com	uintacountyherald.com
1	static.hotjar.com	uintacountyherald.com
1	embedcdn.sendtonews.com	uintacountyherald.com
1	idsync.rlcdn.com	uintacountyherald.com
1	d2zqfs55y95cft.cloudfront.net	uintacountyherald.com
1	www.civicscience.com	1 redirects
1	japfg-trending-content.uc.r.appspot.com	uintacountyherald.com
1	code.jquery.com	uintacountyherald.com
345	91

This site contains links to these domains. Also see Links.

Domain
smeagol.revcontent.com
facebook.com
twitter.com
japfg-trending-content.appspot.com
www.justapinch.com
servedbyadbutler.com

Subject Issuer	Validity	Valid
uintacountyherald.com GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
flippback.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-15` - `2024-05-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-03` - `2024-01-03`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
flipp.com Amazon RSA 2048 M01	`2023-07-31` - `2024-08-28`	a year	crt.sh
sendtonews.com Amazon RSA 2048 M02	`2023-10-22` - `2024-11-19`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
justapinch.com Go Daddy Secure Certificate Authority - G2	`2023-04-18` - `2024-05-19`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.americanhometownmedia.com Go Daddy Secure Certificate Authority - G2	`2023-05-14` - `2024-06-14`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://uintacountyherald.com/
Frame ID: 90B22FBA8617DD98228673417A36DF87
Requests: 121 HTTP requests in this frame

Frame: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3CD4702451F6DA318D87E6E8EF6E9329
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3305933&wsid=0&pdom=uintacountyherald.com&purl=https%3A%2F%2Fuintacountyherald.com%2F
Frame ID: E9BC4A52B34AA41E3C499D5270696DF2
Requests: 1 HTTP requests in this frame

Frame: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4471F10A45989BA7B3B722A9B5C43484
Requests: 26 HTTP requests in this frame

Frame: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A184045829E7272B1C730945E8184937
Requests: 8 HTTP requests in this frame

Frame: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 180A2FB0B38D04F953C1ABE24A3D9DA4
Requests: 8 HTTP requests in this frame

Frame: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EE4B79BB3DC3CE011F75F1E267BB7CD8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUcntDjuc4fhdiC2TCZ_xG48WMgkeU9i9_Dn6H1toNsB81xMo7skAii612YKj6XlURyXCQ1pWXJjQ6betUlKw09txBzV59_Dz9FGpvB5_iTEfVcfG83k5lw_16_g2yLtU94Nzj7kND_xRCHKyW20py-TotBddyjzRcCQj65XMrw41XUEzs
Frame ID: EA51BB38944437BD45F466F15E844A1B
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXgj0QAGIqoIVSUuAA490lbfphOX9AYoyKrXqQ&u=%7CVlUSK7hdHRtAqC22zvHIPq2wDegYpuySWesHgZP5%2Fh8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRRk0p77j3wRumtxgql90VCft6Tx_dGkbmjJDqiSU-5iaaO351e886TbZHQWMVZQXFDjNmFB6uXfCex8e_DGfMGy1axkGyrR0NISbACjWnTEaP4OxhWwhHmdkUDQ8ArvCtVCzGZHsXNNF_It6Y0k-IMrUiCuPVkwiFqpT0neSkdG9uGwk164a0pApjS2FGLn_yM7p9gDSbNkS6UiPD_bmBKI-O7AUwT2y86ndSwzR32_ZTt5IcAXYqVzDh2oV3CHu1GrZ8_EjftISXFhqAArlOXrjEJn343ur8y1cldUNlhbvGTexQ1e9KrHpGEE-XmyTUbXPJY3pyYc4oykAWrbsJmUgy9ZtxGmislXC9udXTG3duQ2hlgVPOFcyGXuL3HT938k9Cw6uWpnczLIkFqxZkHQhrg222ngrmyQ3WwWEZj1-Y2euLMVTjeBra76IjqK63_aKt1tStQyz7usKgqAeNbOyCbdpHv5R7Is2n9Kic6Zqrl3aMq_90oljr5Nnpj33qIR_WuKswraMxZStPhaS0-lFNb6c2zgv7H-sTdqmGsREw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJ2h0SN4ZarFGK7K1PIP0vu4oArJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTI0MjE4MzY5MzM1MDIyNDLIAQmpAlzkY4S1ELI-4AIAqAMByAMCqgSfAk_QTW8YgIQXhL4EwVYtpzGQI5qdujvBxvrpRQKKIVKP34DkLl4o91JECCp_fjuJfCkib-oh8pS-ZE4Ik_5XsJGnv3mfgttsy2YgOcLlobJeT_G0LL_ySUaO-ROLWEITI8uUtdPaMlIjfreTHY7lLeZJuNcx4q56OGmKBS0_6sdgrdrZpFATCaKTlY-cTxO-4UOr-YT5lqwD-Vxga3-xZQ3oSHKC65TioHqGRtO_6euP-ypEDuh0-hHtp1dGhUQd1abjq1S3rkFX0eh0kDUukjRZVbytOFYxp5BuAGnuB6N2WD0yYPILg4Dh5DtVGHq1snyAe6-Ch5nEn_t8BrBmgLzJczfaCY5gcTABHMtmJ8uETR-RhBDw58P97PCsPjb24AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlJGmhMeJgwP6CwIIAYAMAeINEwi4zqaEx4mDAxUuJVUIHdI9DqTQFQGAFwE%26num%3D1%26sig%3DAOD64_1peTgFRCT6v59ezUeKpL6DNFmB5Q%26client%3Dca-pub-2421836933502242%26adurl%3D
Frame ID: AE004E8CEDAF0EF98504E9C77E73B0D2
Requests: 35 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXgj0QAGIqsIVSUuAA490l6T_QxEZG4Qq2dlVA&u=%7CVlUSK7hdHRsAhU7cLc9yODiqQ%2BqrPpsEsObvqMyOpjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZU_xMDa_8YKdjyFkxqQfHiccAXkR_4dOyUQxe_m3cY5wsBBxyrXgB8Y7MwCFzBtkctb0Bi0EUm_l-VWq-iun5oPTHeFbNdOOmdRLnDnC3YQkAvWDR01AJTF-xy_i_4YYNuMbfF3dZ6ggxqXISyNBO8WpVAt0wQLjxGXbNfGQJCsHasGXkh53AiiG99Imz2aWMiv6Kb_stfrIewvKGjRSWYoyZW_4KfODza7mDafEkenUafbBehgvPplmZ50GEYBpLJjAh4ZSZqe2tC9hrg8M2M83EXbrY4SHsUsfQ-qyX_3Yv_UFLWngQUOrnFuRfZ2vQRSOI88YTkyMG6NbMAX_767KnH-OQzAnDTNh87Ua2TBR-XW27pCm7kSa4Y_DV4AihNET_fiexdpMsDl_UJgv88qyb1AwzG4nT0QKKsxkAhoqlOA_MzrmufLjQPdG7r6ld10XrBR8XhlrKAddWUAeRfnDXpBDmfuDZEMQZqG2F10fUCkIutVH0loVk33cF719NhTTdrSajmW_iSQloCg38H9p8pFLpIS4Ts&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcza10SN4ZavFGK7K1PIP0vu4oArJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTI0MjE4MzY5MzM1MDIyNDLIAQmpAlzkY4S1ELI-4AIAqAMByAMCqgSjAk_Qpxnxm0Uy-ne1fofyKOABwDkzVBwATO2LOvhFZ66_INOe9u1Z2frpGXy5nmnhLWZYlrie9mwZ_IOyrf9jfsD5YkqkyQV9XZAHU-mfl7eJ476xqkw_3GeZ2ZHhOK77lO5iDgO0PwTmAZ_43FudtUdwWvV9Wrp_OOvd0HDRwpQn8vCuPmQtrZpdTHWi14i_BY4dWI8_4FIcfNTLbHm8ZAR_SRoWjOqNw-34bscCoUS01xtFcipqtNHTY2Q8C4bGbK-EHVW55bPau149_iNY3EzUwGzxf4k8V0BkK1VarjWhqKLS9EKkD0kAd7g4dYCqdeA-LQkEJ8Ex3jXQajE77JWk_uICqWTfAyxPESOoHZu9ZJhh7xmQSOp3VmXkDRWOQbl4HeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSRpoTHiYMD-gsCCAGADAHiDRMIuc6mhMeJgwMVLiVVCB3SPQ6k0BUBgBcB%26num%3D1%26sig%3DAOD64_284hdZPb9wiIgiIyt5jjQ83SwjzA%26client%3Dca-pub-2421836933502242%26adurl%3D
Frame ID: CB3643D1069D16D516A5F5E0D305A49C
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A8CC22390220BC1FC0F3F881A66B5E5D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: 202E4D054BC482279AAB2D2E87F0B9E8
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CEAAB9D9013E0FE6A5867001376016DC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_728x90.js
Frame ID: E2531C97C94272C4D950563EE621B300
Requests: 2 HTTP requests in this frame

Frame: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 54CCAE28FE3BC669A0D45C70349DA5F6
Requests: 13 HTTP requests in this frame

Frame: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FB892CAFE45A1108569A2E7715FE229B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGMW8-4ACMAE&v=APEucNWyUO1HmWzSgm_sYKJv8QD26diwNP_5WixevG8l2RouFa8pp7Y4TtQrrZgFm1fONtE_xnBSEmic-vpvri7MB0Bckmn6l_x5wjGLl_2t_8azep0WNOpAeeGBVM1KZwVvzojKd_IIRZlQl_WP1bKvKB30pFZxw57ylWC1wriiilST9hLP9X4
Frame ID: 2B93D3C1778F59FC775EFB018148AD94
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8BF77DC5A0AF75E4AD1F0F44DF5DBA74
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEJ_18b0CGPCVhbQBMAE&v=APEucNWr8oE-1uPIiC5RM8QY_DRE9cRs1Im1eOHV-huhkFJr7EymibNxS7Iw3RUpdrGJTTKBhZK-GZwUYAVxxcA2LPXkeGVSRWjxf4qfgZtpRtx-VhMtaa9xqdTW3sBWixcDtfQlWIuK88DjQTmPr6dikQOFZ1iQ8FbRk04wqZKci1KbRFNnHjE
Frame ID: B8792248C00BB79EB31F31796EC09EA5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0C43F766F2EC250F9CE93D22DC1D880E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E0A68F950BDA674BE026C86DD97C6DB9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 240E700F6AFB7E8C348557596264F095
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
Frame ID: 3FBA917B8612E7BCBB7CF8D83378582C
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 5CA0F99F963A18D63D61DDF8564F7D8B
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Frame ID: 65863D1C97F61393185B14DBD10A8A25
Requests: 11 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=11277942
Frame ID: 26AD5F1F12A81FE4F6DC074CBEAA4D82
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Breaking News from your Local News Source Leader in Evanston, Wyoming | Uinta County Herald

Page URL History Show full URLs

http://uintacountyherald.com/ HTTP 302
https://uintacountyherald.com/ Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

345
Requests

92 %
HTTPS

45 %
IPv6

58
Domains

91
Subdomains

73
IPs

10
Countries

14255 kB
Transfer

21286 kB
Size

49
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://smeagol.revcontent.com/cv/v3/ieTxC8UEx1RoKWev8tqZyXd-xHqMVtaf42gIPBW9cURdiZJHVbIwTNd9CYNWEzroO7ReMFYt2yxcWg8m8cZ0StyKssar0jsuF7RHwaqxsZ2djx9tBJrYRkYvM5Vm-uTqW_ILFTKXNBodf6c70JP3T8MCjfDwomozTsGONjjGbb5-umvt7BIUCtJ0a1hjAWGc9liLGpoDCOwzvqzI7T_qTrVrguG_xvwcOts_uWrEopJxsN3GrU7u_DqRGNFLnpKOsugCwa6_Ya9Nf-vMe3_gBPlQ6PZEAh8CRcQO6WPQE0pVXR3LT2mBUrr0BHvEcn_GbY1NHMjOQuGucXqRwZwfgsWPSboQvWdJg6trk90tLDd8nSH1XH7Hm8CZtNrcHkLj5yGrxrlPYbhXoVSEfgLaa0iX-eAtWTXHD8Ee8rxEZBkpgKppam0AYXHQuQra4B6-wJAYPbFXfefFFuLXYyn9XRWdfQ_mJDkVYpKu5R8yeJdwPMQIjKBngkRRselJjjdi687hwx2uXKYvoNpe7yCqeF1NVueSg6om3jFMDA?p=GgFDMNHH4KsGOiRkYTU5ZWE4Ni0xM2ZjLTQ2NjgtODBkZi1hZmM3ZTVhODE3YjlCJDBjODI4YTc0LTY2OGYtNDMyOC04YWFlLWUxMWJjNDYxZDY5ZEoLd2hpZS13YWxrZXJQz-QKWMf1EGIVdWludGFjb3VudHloZXJhbGQuY29tagdkZXNrdG9wkAEB2AGyjvABkQIzMzMzMzPrP6oCDjIxNy4xMTQuMjE4LjIw6gIRCghncmF5X2ltcBIFZmFsc2U
Title: Doctor: if You Have Tinnitus (Ear Ringing) Do This Immediately!Your Journal Live

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/knIjfdJraM7XIsgEoCg2o37QUixxQgEAjSj16GegOXXCvdxXtEFOinpAD6VYQGbTQM1vSzKXL2pidYFqk-2a5IDJRxmpUErN6lfmUcygTjH1lwfwzkuAtEKq0HrN3q875gK6cE8qpgUK2BQfArhGAgRkuVrUNgPR_R9aqERL-uIHO6-0J_6jsIl5Z6J_lSe_djOay2lp72g7hJ_jaXi_8Xg96HGTr0KTwartEpNMqFYCdmn58ZNgKb7WGzYBNX-wFhtH_c9v-BvFI60uSsZeujq0-ApYYfY2vS9ENOcYGzt3x7AeaXC6qAYVpulJRqMnTgnmPTXROYRpb3Zf4NAGlm1vei2lE8X4kvwfAKHZs7sjzEPMnr_9mUG3PS5FKgUglqgOK61S1grVYd243F97fKVQQeBvEf46Y74COjmxn3qz1CkJmQn__lSIxIP5lb04OREVeklopzevIWiPdA-V3Uomlj1YdgZVuiJUaeat5fe03zzOdFBmxKJtzgNY0x8U-vombH4iklZfnDw30TV6iZ_aQFr01xcjvDg9YrSBZnW13f4qFRSytYHozXqjNx4j_BvQJAdqmVNi26N7yGyjL_rwTGY7gQYsbv8kB5efy_9E_PCgFJ3hHLMCYnEg4-eBnVtOMePw2fq_W4v7gr3npuzYMVZtz99YA2GEVK5wEryRk4IgYyNKuuai5227rh5PlPMdsRmgQySd8kRaNxKsZiupRdRMWU9_8FaH-YxAaXIHryFxSW244Xw0Lwsrwc9IFNJhnBY1A7G-HH9KckSW0zmUc2m1lBYjILdwODckFz7DEm5vSWtc37UGpVzc-dYJ4C9P1nuEIL_z2uefAh2K0qMHquVkTWtGE9w?p=GgFDMNHH4KsGOiRkYTU5ZWE4Ni0xM2ZjLTQ2NjgtODBkZi1hZmM3ZTVhODE3YjlCJDBjODI4YTc0LTY2OGYtNDMyOC04YWFlLWUxMWJjNDYxZDY5ZEoLd2hpZS13YWxrZXJQz-QKWMf1EGIVdWludGFjb3VudHloZXJhbGQuY29tagdkZXNrdG9wkAEC2AGyjvABkQIzMzMzMzPrP6oCDjIxNy4xMTQuMjE4LjIw6gIRCghncmF5X2ltcBIFZmFsc2U
Title: Dies Sind Bäder Einer Neuen Generation. Klicke Um Es Zu SehenBathtubs

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/eNFJtKOnSYPNL6VGpnPj41gjTR5-tGYLAM4zgrVCyJA3dXyGaTUVxRjbZWLnNJJo3fO8W4lDPf-ACD3kuvNNeOgSv68VSHvW5W-ApOy5LWhL1h_KKIc-CIB-amKKEUk_09yDcN4NQastwBBGYXeGvThoLH3d3TCcZyROmrN2H3n4LNEruqz0hmCE531KuZIKOnKaPTD09Vdz3TyoSPZfRFXtY6PvTBZCzv6gg52ByOdJUfLt5zx_m73G7vGXVvfJ4DzaE9fmrsuAoZdkP6DziEC6lBMvhnEHoR0kd8gQBfVdXlS9QD4ulR9TiA3-_FZZi4jra-kn2u6IzfV30A3hHYMtRttbLbWMPhI1UeMIZzhn4k_JU5n_C6J2RXro2lzQZ5Fc6ks7MfRCJ3RNYKGjtZkuqO19Bug-IWIJ_0Ca7Xq8EMe66sGsFnGaO47f8emMX_Orc4AZKvsQ51bQj9f71X-EUkAD9nDHcco5lsAMzxbKl-OQSiAjM8PdX1X6pvaUaRFukIVA3H5BO26bGkjYRuMPJbIkz0nT-ScHNECYWLOQXwETjKsH_NoroLSKJoiip8sTPVNThAvufdTvPL7cHIjHByIHFbqzUvgQHSvBu6jpb6gHwqeRcA9Ow4wb6O-C7OmANjZOmRH9Hb3XmVrfmHgt6Vz1hkYJMdIO60di36rYaVXqygklkxw4pIUoBoICuW1K92r2GnzgNcwPpLfRRZyQEOOqtdYiCan8lXawWhy50972kePOPMRqSJVicTUkSbL5g8xLVoHIsHR8n57G_8K7KZMbAGRzuUyNF3R60MjjRkT7sJBPd14z9Il0lG_OWWQdbwCn3MdKrlukJ2Q9N_uUFcuGqDN96G-KfM2u83CSBTt-jA?p=GgFDMNHH4KsGOiRkYTU5ZWE4Ni0xM2ZjLTQ2NjgtODBkZi1hZmM3ZTVhODE3YjlCJDBjODI4YTc0LTY2OGYtNDMyOC04YWFlLWUxMWJjNDYxZDY5ZEoLd2hpZS13YWxrZXJQz-QKWMf1EGIVdWludGFjb3VudHloZXJhbGQuY29tagdkZXNrdG9wkAED2AGyjvABkQIzMzMzMzPrP6oCDjIxNy4xMTQuMjE4LjIw6gIRCghncmF5X2ltcBIFZmFsc2U
Title: Eine Einfache Methode Zur Kniearthrose – Probieren Sie Es AusKnee Osteoarthritis Treatment

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/HVZkid_R3IT7VEXefThEnat9kZeV-ELidPH1-EjFD9BwWBnhta8LwbGFId8hIhq5ya3J9lnm3jolhNlK07dTQBMRg0YjaKxPccgK9JhDnnC-fzrMpdoae3Vdf_OISEcXMrqI2TSq5OFXOztfxPDwSPY2uw8oP6eb_UapLYErnf9dKwSunNGW2qeW_PnkLpIm9Njc5Kq0MfWUvbKYdo9n-4Ic_5ODpJJEXUdAsG1H-bI-oRUv36U9lRArylT8Q2o57W3UB7yh9YeaBJIvJ2wSyYBZ6N1hdqDruDgWaIuPBldT9aTNv0I-JK2MvewpfF9aE_eVzsZJBCdvuhjpO3AAZJR7mfkqnOmz875HtpCdCHXXnvFuHTsZ0WjFedB3jhIFZNr7G-T4R_G7ie7BOhl7hNRq9jXfWNR9T7zj8vKrwwMWxl-3zGWZj4mecF2vXiBicKD0MtmoHVWNBnPArJ0hFZlSIfEDHPCA4zVrEmgRCstWOKFE3Zwh-k8F0P2KZhfjdXSFFZ4yMLRB9URjwc-zuMr4cmELP7gdk53e4ao3MNHcVe2OPP3nievgYPHM1mCWEJ1TgRFGaQk8RalYq_ASs5gJfyhaO0d8KARJHjv1iZQhpnFREP8M5sx58gufj6_x0w?p=GgFDMNHH4KsGOiRkYTU5ZWE4Ni0xM2ZjLTQ2NjgtODBkZi1hZmM3ZTVhODE3YjlCJDBjODI4YTc0LTY2OGYtNDMyOC04YWFlLWUxMWJjNDYxZDY5ZEoLd2hpZS13YWxrZXJQz-QKWMf1EGIVdWludGFjb3VudHloZXJhbGQuY29tagdkZXNrdG9wkAEE2AGyjvABkQIzMzMzMzPrP6oCDjIxNy4xMTQuMjE4LjIw6gIRCghncmF5X2ltcBIFZmFsc2U
Title: Local Area Elektroautos Für Rentner: Der Preis Mag überraschenElectric Cars I Search Ads

Search URL Search Domain Scan URL

URL: https://facebook.com/uintacountyherald

Search URL Search Domain Scan URL

URL: https://twitter.com/uintacoherald

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10236&p=/recipes/dessert/dessert-cookies/raspberry-shortbread-with-a-white-chocolate-drizzl.html&s=10000&do=uintacountyherald.com
Title: By Doris C. in Old Saybrook, CTRaspberry Shortbread With a White Chocolate Drizzle

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10236&p=/recipes/dessert/cake/black-magic-cake-best-chocolate-cake-ever-5.html&s=10000&do=uintacountyherald.com
Title: By Lisa G. in Englewood, OHBlack Magic Cake (Best Chocolate Cake Ever!)

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10236&p=/recipes/appetizer/other-appetizer/mexican-pinwheels-2.html&s=10000&do=uintacountyherald.com
Title: By Thea P. in Queens Village, NYMexican Pinwheels

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10236&p=/recipes/main-course/pasta/my-famous-lasagna-4.html&s=10000&do=uintacountyherald.com
Title: By Jannette d. in ISLAMORADA, FLMy Famous Lasagna

Search URL Search Domain Scan URL

URL: https://www.justapinch.com/recipes/dessert/cookies/gingerbread-cookies-3.html?utm_source=News+Media+Corporation+%28TRX%29&utm_medium=curatorcrowd&utm_campaign=RTDX&utm_content=https%3A%2F%2Fuintacountyherald.com%2F

Search URL Search Domain Scan URL

URL: https://servedbyadbutler.com/redirect.spark?MID=171437&plid=2257204&setID=316820&channelID=3471&CID=828390&banID=521521602&PID=0&textadID=0&tc=1&scheduleID=2177940&adSize=300x250&mt=1702372305685959&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2Fuintacountyherald.com%2F&hc=33143543364812ac0ec1dfb71b7a1d5be9013444&location=

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uintacountyherald.com/ HTTP 302
https://uintacountyherald.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www.civicscience.com/jspoll/4/civicscience-widget.js HTTP 302
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

Request Chain 33

https://embed.sendtonews.com/player2/embedcode.php?fk=Be6nXXXs&cid=12385&SIZE=400&floatwidth=400 HTTP 302
https://embedcdn.sendtonews.com/easy-stn-player/7.28.2/embed.js

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1&C=1

Request Chain 127

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXgj0qMjLb2wtUAty3efRgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIFLpVuG88RvFlu8ACR2ZAU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIFLpVuG88RvFlu8ACR2ZAU%26google_cver%3D1

Request Chain 129

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D

Request Chain 214

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f886a227-6d3a-4832-8797-aaeb7ff85c5b&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=05be3dbc-4be4-4fc3-b3a5-295f6c64d54f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FRG%3D9cca94b7359047a28b0aa020c0d9b350%26med%3D10%26PubId%3D162645330%26DI%3D0%26DIS%3DSB_15000-1-0%3F%26SNR%3D1%26GV%3D2&rtype=miFeedbackURL&tagId=6933&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=4804755844846376482&wp= HTTP 303
https://www.bing.com/aes/c.gif?RG=9cca94b7359047a28b0aa020c0d9b350&med=10&PubId=162645330&DI=0&DIS=SB_15000-1-0?&SNR=1&GV=2

Request Chain 217

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-2421836933502242&ias_chanId=1&ias_placementId=20343401207&bidurl=https://uintacountyherald.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jTD5Qlgr-e0bPWe7n9zjNE&adContainerId=brand_safety_0iN4ZbHADOftx_APgP-3kAc&cbFunctionName=goog_wrapCb_0iN4ZbHADOftx_APgP-3kAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fuintacountyherald.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fuintacountyherald.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:52e1a647-f94c-66fc-f19c-80d1769fe519,c:wzLlwU,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765b799994-2vsnt,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tYdmHZC+11%7C12%7C13%7C14%7C15*.987057-61527017%7C151%7C152%7C153%7C161%7C171%7C18%7C19,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:12,oid:797f1353-98ce-11ee-b3aa-121b440239ca,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 271

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlhTHkzXF_Q8rOLNgc3LfE&google_cver=1&google_push=AXcoOmS3zq5AAU7neFWDCS8DQ8GCfRPHaSeDWoFZn3ISw7xiqzcg1K6GreAoV5wZIjoDbTtcEXhp3w_Z0ZaKqQgbU0fOg3zC_khu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE1Njc1MDUzMjM2MTM1ODgzNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBlhTHkzXF_Q8rOLNgc3LfE&google_cver=1

Request Chain 273

https://a.tribalfusion.com/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmSgq83YSvThiXyMTsqO0JwHFxO262T_evb33G8miMvzxdeV1B5PZ9I93ky7cH6WbYvvetGoz8PA87jfNKZxcxPFg5rrdr85&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSgq83YSvThiXyMTsqO0JwHFxO262T_evb33G8miMvzxdeV1B5PZ9I93ky7cH6WbYvvetGoz8PA87jfNKZxcxPFg5rrdr85%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmSgq83YSvThiXyMTsqO0JwHFxO262T_evb33G8miMvzxdeV1B5PZ9I93ky7cH6WbYvvetGoz8PA87jfNKZxcxPFg5rrdr85&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSgq83YSvThiXyMTsqO0JwHFxO262T_evb33G8miMvzxdeV1B5PZ9I93ky7cH6WbYvvetGoz8PA87jfNKZxcxPFg5rrdr85%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 275

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEmox-NPGEZSzCtOHoh4LMM&google_cver=1&google_push=AXcoOmSKtbZVejjuN2MqRpaXGL-vtphrOLM1UCxXlcqPbw_UCafxxpxi3QcZ6tWT5vyXmDM9KJhXYLKhvl1vKeqJyoVutz6enbQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNElOWFMtVy1MTVVV&google_push=AXcoOmSKtbZVejjuN2MqRpaXGL-vtphrOLM1UCxXlcqPbw_UCafxxpxi3QcZ6tWT5vyXmDM9KJhXYLKhvl1vKeqJyoVutz6enbQ

Request Chain 277

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP5jrfytMvJ76a2mLzB8ZKY&google_cver=1&google_push=AXcoOmRSuL2JfSIEtj5_qhaIoxvOlO-rNN1CzN-m_YtDMiMI_ZXdbTA6cs_kUV--8L5u49wBr5pfYhbP_dcocGpCEd99oUYxHmZp HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRSuL2JfSIEtj5_qhaIoxvOlO-rNN1CzN-m_YtDMiMI_ZXdbTA6cs_kUV--8L5u49wBr5pfYhbP_dcocGpCEd99oUYxHmZp&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1702372308394 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0c725fe9-dda5-4110-9d42-fbad4c2f0555-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRSuL2JfSIEtj5_qhaIoxvOlO-rNN1CzN-m_YtDMiMI_ZXdbTA6cs_kUV--8L5u49wBr5pfYhbP_dcocGpCEd99oUYxHmZp%26google_hm%3DAwxyX-ndpUEQnUL7rUwvBVU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRSuL2JfSIEtj5_qhaIoxvOlO-rNN1CzN-m_YtDMiMI_ZXdbTA6cs_kUV--8L5u49wBr5pfYhbP_dcocGpCEd99oUYxHmZp&google_hm=AwxyX-ndpUEQnUL7rUwvBVU

Request Chain 282

https://a.tribalfusion.com/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmROwHhR1eOMWMcWzGstvX3O-MbrRNEYyXo5rLspRyYa7EH6mcPnw5dGMJ-954h_86iUuLct4GNfNZ4aux2iXZqUkJ2kt-gI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmROwHhR1eOMWMcWzGstvX3O-MbrRNEYyXo5rLspRyYa7EH6mcPnw5dGMJ-954h_86iUuLct4GNfNZ4aux2iXZqUkJ2kt-gI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmROwHhR1eOMWMcWzGstvX3O-MbrRNEYyXo5rLspRyYa7EH6mcPnw5dGMJ-954h_86iUuLct4GNfNZ4aux2iXZqUkJ2kt-gI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmROwHhR1eOMWMcWzGstvX3O-MbrRNEYyXo5rLspRyYa7EH6mcPnw5dGMJ-954h_86iUuLct4GNfNZ4aux2iXZqUkJ2kt-gI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 283

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENIo_nbioqzP6SIf3swJXbw&google_cver=1&google_push=AXcoOmR-sUcKaUks1_rDY-xOqlJCfRJBm5V41d1FKA0sb9eVzd9Ku6Fhv52LOqIW2Y-UZ_owSX0GFDsYa094UgK_DywhQz1XIb5H HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR-sUcKaUks1_rDY-xOqlJCfRJBm5V41d1FKA0sb9eVzd9Ku6Fhv52LOqIW2Y-UZ_owSX0GFDsYa094UgK_DywhQz1XIb5H&google_hm=DZKdhZlgTCGXYk8_JYsSKhQ

Request Chain 284

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECajEtOTWHkKO80GeaEfVxk&google_cver=1&google_push=AXcoOmRxdE_AreMgcHmo3gYD982rNObZrAVcRh8CgZdltVvDcYo3cj5eWoeGDyrUatNFUrH87-fmXv-DjqIp2dK9q4eGnk9AM0pm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYzMzM4ODQ4NjA2NDI4Mw%3D%3D&google_push=AXcoOmRxdE_AreMgcHmo3gYD982rNObZrAVcRh8CgZdltVvDcYo3cj5eWoeGDyrUatNFUrH87-fmXv-DjqIp2dK9q4eGnk9AM0pm

Request Chain 285

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENVy9S4XRqLEQ_dQu16m99w&google_cver=1&google_push=AXcoOmSRnFjrfxXQ88EBYVPId80P0iCGKFbu4eYF9iNfnjg5B4CSCKoTaFhvVRf9RlppNfXWqw6lGFknYmbb7_c-N60k8nYAO_k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSRnFjrfxXQ88EBYVPId80P0iCGKFbu4eYF9iNfnjg5B4CSCKoTaFhvVRf9RlppNfXWqw6lGFknYmbb7_c-N60k8nYAO_k&google_hm=eS1uNnBuSkd0RTJwSGU5SXk4akJhN1hXbThHWm1mRV9ESH5B

Request Chain 288

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOm4p55RR5Y88DBNuMF10zo&google_cver=1&google_push=AXcoOmQCaHWHxyrU9hkmsAeOk1nxHpG7FU2z3SNhJKetXRydZOVw6puksjDHEY6wXCFDxZZSmgc-IRaJr-9iXhXoKy3kv3aHC3LWCQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D&google_gid=CAESEOm4p55RR5Y88DBNuMF10zo&google_cver=1&google_push=AXcoOmQCaHWHxyrU9hkmsAeOk1nxHpG7FU2z3SNhJKetXRydZOVw6puksjDHEY6wXCFDxZZSmgc-IRaJr-9iXhXoKy3kv3aHC3LWCQ

Request Chain 291

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1

Request Chain 292

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXgj0g89.YoPDRU4Ak0tZQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1&google_hm=2

Request Chain 293

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIFLpVuG88RvFlu8ACR2ZAU&google_cver=1

Request Chain 294

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D

Request Chain 299

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOxxgjKtkOhGPtwHfRRcY0&google_cver=1

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELgE0VwF_tmkG0Z2sqdhL2c&google_cver=1

Request Chain 344

https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073053&val=Oin8Qmz1LAa4qyy2nMeMLVc1bay9pWLqrBtZLFyTw5I&pi=openx&gdpr=0&tc=1

Request Chain 345

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=mqWPW56j3FWBo41RlKOVBZyijlGB9ItUmaQ89C3m

Request Chain 346

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4017155514660130551

Request Chain 347

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=5b4472ca-0eeb-8813-b40b-83a18ea0d037 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=5b4472ca-0eeb-8813-b40b-83a18ea0d037&dcc=t

Request Chain 350

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOxxgjKtkOhGPtwHfRRcY0&google_cver=1

345 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
uintacountyherald.com/
Redirect Chain

http://uintacountyherald.com/
https://uintacountyherald.com/

43 KB
12 KB

298ms
249ms

Document
text/html

2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 382a13bf8432a44234c9cc301025e75242b82886e5dd343372274d362b5f2922

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8344d7745f7f4d6d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 09:11:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FKcHfU4S7DPyUyoMWcZ5SB3g2IGJ8PlETcf4BjDFym7vopMW9bMufuMm8F4Dy4XI1jdpAar3Y4J9Qcc77Uga05injGC0gpY36YgiOvTwrZstjMwZMqz6nzzqGbrHNf3EOBcwwJrtVLx3nCr4AXg6%2Fk8SYE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8344d7730bea9042-FRA
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 12 Dec 2023 09:11:43 GMT
Location: https://uintacountyherald.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFde5whSwpd5Fz5nSz8PAwReIjHtfM68hZzLPm9KRVBa53UwkXNLZC%2B5n9ur3IyN%2BiVybR8sI1fB2PRtNqYuK7ePA3Xg%2B1CQuWXoaSjpZgOKtQUilpndNTeiLG73pzg3QO3uKc8JehR7v0Gwi31ew%2B9Fpz0%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 79ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,600italic,800,800italic

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

830d898d934130a45af1c5cb362bacc74be0edff8ada096b4df52dcc89e9a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 09:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 09:11:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 09:11:44 GMT

GET
H2 200 core.css
uintacountyherald.com/css/ 324 KB
55 KB 558ms
556ms Stylesheet
text/css 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/css/core.css
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ff5bc4080805d1b92cd893311a3109e7eba4494af0aad0e9c3fd79f25d974a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 May 2020 13:32:35 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=338565
etag: W/"52a85-5a55f613ddcb4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNcpzKYiYf4Yd77WvwdDfhgB6vAr%2B0khGTxzWMYmZ8SJCi8n7BcCIcPcJkcwzsL6TBMIl5Q7eMurHiTskbI681nIHMDALXfY%2FhLoKej%2B9Y%2BY7DLjP7lDcJ5Fwakip8Bnud5teyTl4WBERTlNPZiGi3NUJo0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8344d775f9594d6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 frontend.css
uintacountyherald.com/css/ 43 KB
10 KB 161ms
160ms Stylesheet
text/css 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/css/frontend.css
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f52ed32d6b3e2f23b1bcc7703d257a9b015a9d5c2471757a3371b010786ca45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 22 Oct 2023 19:20:01 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=59418
etag: W/"e81a-60852fdfc2915-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fdypJ5%2By29VkFbpOgwBfodM4azORDUKr1XRAgasanDnwTKUMiOFcsOD7ajD8kWNrs7JZP7T7JhIVYJksUOUl%2FeayA0Qcuouwaby%2FBT2CyP6p0raAhTXIN5n6mvrcRibYEg%2BPNuxr3birajutxm0dn9opI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8344d775f95c4d6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-2.2.4.js Show response
code.jquery.com/ 252 KB
75 KB 60ms
19ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3639772
x-cache: HIT, HIT
content-length: 76245
x-served-by: cache-lga21969-LGA, cache-fra-etou8220117-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702372304.351542,VS0,VE0
etag: W/"28feccc0-3ee0f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 6556, 3214

GET
H2 200 core.js Show response
uintacountyherald.com/js/ 697 KB
211 KB 194ms
193ms Script
application/javascript 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/js/core.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b41eaede202328cb31b62ef15ba289d329227d8c8c30531e5414249b9de2015c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Jan 2022 18:18:19 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=802892
etag: W/"c404c-5d69457c07ac5-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0CsqbVSsZvF29ZYAzozvYOcs1EqNtrNKoZzVbgtyu5WQugemIttB02b8Iluu97DLWV9jIzX5WVbuthZMgMPfsYED1oXSVrTsMs%2F32V7ckGQF1Es795Aur1q%2F0MT%2FHI3HpXS%2BFfQSv24zFtaYXDESfA2nOU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8344d775f9604d6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 frontend.js Show response
uintacountyherald.com/js/ 16 KB
5 KB 522ms
521ms Script
application/javascript 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/js/frontend.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72311de052bfd96ef38559c81b625ca11bd5d4cc47a927c326b95aedad11aa1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 24 Jan 2021 17:26:45 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=37767
etag: W/"9387-5b9a8b9bc5949-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75R7csiZpXKNyU1qpk9btUtBeNkZhrV7aIjYRKv3zIbpWmK%2BRFZZlP7vlYh3UeiUo4pMV1TE%2FvZmYx1Ad6FhwvwGXqNCpYoC82TyFmwFUDDrCC%2BVnVGzkHL6Pmxi8MG4pq9qiyayixFuhB2wAvgZm3qN1UU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8344d775f9614d6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 264 KB
55 KB 179ms
120ms Script
application/javascript 18.66.97.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201262363
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-86.fra56.r.cloudfront.net
Software: envoy /
Resource Hash: 7b45d475ee6b590b808c3dc84f553ed8563336a652f797b6550f769023a71f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: gzip
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA56-P2
vary: Origin,Origin, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-envoy-upstream-service-time: 4
x-amz-cf-id: y5Zg90HtfUa5SyTb4bI7P_voQNe2KyIMu2Cc0e0AY1mamWYWA1QJPA==

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 264 KB
55 KB 351ms
293ms Script
application/javascript 18.66.97.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201262364
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-86.fra56.r.cloudfront.net
Software: envoy /
Resource Hash: 7b45d475ee6b590b808c3dc84f553ed8563336a652f797b6550f769023a71f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: gzip
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA56-P2
vary: Origin,Origin, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-envoy-upstream-service-time: 6
x-amz-cf-id: 4LciYb-UWNJSJ18n87ARg-3xUG2qirTTmg9BF0GQi4Yo04uCH48NzQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 89 KB
29 KB 162ms
106ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

165bd05213ac704b1be23b1b003d7705012895a042fdfc5db90854f650c328c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29113
x-xss-protection: 0
server: cafe
etag: 812 / 19703 / m202312050101 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:11:45 GMT

GET
H2 200 6b80b3e7c63ef9a362e24abd4f27512e.jpg
uintacountyherald.com/storage/2017/03/ 30 KB
31 KB 182ms
182ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2017/03/6b80b3e7c63ef9a362e24abd4f27512e.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06827a14761ece907961a2dedebe66ddaa89a18f875b94db92c4f2acf5b7f6aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:44 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2020 13:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"793b-5a55f45d0146e-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F77rhRZhhaz%2BJKrQxEV6je4xu08WCD%2FzdlvSKA5jq1Cn0xYP%2FoBsl559SJNGbqZpDbKQNLJg8W9Ba9mtGobbtpzMxeD3JAsE0X7Q7K65zB6poG79p%2BrMdRJyY%2Boo%2B1KcqbX%2FOiZkjUfXQkoG03ZCni5qkxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d775f9644d6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
uintacountyherald.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 25ms
25ms Script
application/javascript 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uintacountyherald.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6569f5f8-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ct3KMRd1PCAiVDhRcmJf%2FTbspGbNxhE7D1XzzngMLadaTdUurN3JCJ%2FcMRm31Rp%2Bwai%2BLLD%2FKdFnYap%2FVdh4sIpw3vL9uGKEyTajWhA4P3vYXCrq4rlZ0qnUr5AoYxtv6%2FOC2biS2bbRoKiWes6tuf8frgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8344d775f9664d6d-FRA
expires: Thu, 14 Dec 2023 09:11:44 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 161 KB
48 KB 78ms
25ms Script
text/javascript 99.86.4.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-45.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28a6827168832144d10572c3da10d3ce930b08edc1f9bba1e9331ca912a7d577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:29:29 GMT
content-encoding: br
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 21:29:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 42136
etag: W/"85af42917add33bc55f09ac26a8afdb4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KzLMw-fd15gHocVxe6sS-bgIZcCgGq55l0UxP4cW6vTudAjajinFug==

GET
H2 200 trxtwo.php Show response
japfg-trending-content.uc.r.appspot.com/ 13 KB
4 KB 229ms
147ms Script
text/html 2a00:1450:4001:81c::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.uc.r.appspot.com/trxtwo.php?s=10236&v=1&q=4&i=21
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 6784fa025fddf97da46fae5dbeaf7ec8a275ff78d9252cbbe57ef639592d2443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:44 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 32b857f43de71cefbeab6f5170d542a8.jpg
uintacountyherald.com/storage/2023/11/ 277 KB
277 KB 286ms
286ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/11/32b857f43de71cefbeab6f5170d542a8.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beaccc653c47d03c7afbc10a2ae03f6daeb78e15094aa18067533d2d4b4a3bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:44 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 16:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"45252-60b4cfda6420d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBvJOeX9iuNVrdIq0QkH7pD%2BwVal%2BfrGPPRxBHCnqkGnxf1T%2BNhZvvCyw1DQsAA3Vf%2FDh1ZTljdSFJBAMq9OZfA3BBI%2FV%2Fljqy1%2FPmccQO6B5woTXLweXV1Y2GncnRpJ%2Bl1PuSiFQdDUPey44XrdjfqxSvo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d7771ade4d6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 722b01131f4b6a5dc94d02c8be8ef7db.jpg
uintacountyherald.com/storage/2023/11/ 277 KB
277 KB 189ms
189ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/11/722b01131f4b6a5dc94d02c8be8ef7db.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beaccc653c47d03c7afbc10a2ae03f6daeb78e15094aa18067533d2d4b4a3bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:44 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 16:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"45252-60b4cfda6326d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2B5W3M57ESrHpf8nMfjHowI9GahNgWASbZc3NNThm0Yqzxb9vtVeHim8rXrxc%2Bt8fVDVOBWT7rhGwjJXbVlXQMUd%2Bc0QTSnBVraYrwXCzLVUuveaMLrRG3PDPW152KRglpPdYyOfjzrtcMB0EkcanLiRb4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d7778b7c4d6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 5479a16e3589257928698d21a0285f54.png
uintacountyherald.com/storage/2023/11/ 102 KB
103 KB 190ms
189ms Image
image/png 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/11/5479a16e3589257928698d21a0285f54.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece864356b2a5fcc81af5663854530d87ebcb622acea8cc5a95bd7a64449ed3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2023 16:25:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"199ae-60919b99db75d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m25vw6WlIFUYaRGB1idtXNKyj52vr2XRNUWUv%2BEPIgExHPSi7vGVqtbcP9aGijanOqe8tM2vBR6Ef6aZO%2BH9J%2BKOU4aP9m40WGwjH2h8txDnkAZNviBmbcz2DF3cq1QTznf6YAqAbYNkG5zd%2B%2BXSpE1Q6GQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 8344d7798fdb35f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 f59dbc2d6c0c682cf13e7e1fd8a656a2.png
uintacountyherald.com/storage/2023/11/ 102 KB
103 KB 271ms
269ms Image
image/png 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/11/f59dbc2d6c0c682cf13e7e1fd8a656a2.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece864356b2a5fcc81af5663854530d87ebcb622acea8cc5a95bd7a64449ed3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2023 16:25:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"199ae-60919b99da7bd-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0V5lgtkCoz2wKmH97%2FbDYcWmCa6Bp2AWheJC9wsMkrnobuVT2cRSvTsTCQZFMlCZHXZ7glacY%2B9x2UoOVK88XzbD0AbzsgG6gx5%2FejmKi%2FbMZh2u%2B53mRGM90tlmjigWNuxZ3V9VlOY8wKWZwoACgw8OfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 8344d7798fdc35f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 f2a4abd93ed0b5037fbdad9f15e1d04b.jpg
uintacountyherald.com/storage/2022/12/ 21 KB
21 KB 181ms
181ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2022/12/f2a4abd93ed0b5037fbdad9f15e1d04b.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c7a64ef7927a72ad708b7e637fe15660ce2886926662417cc58cc7b1d4fc9d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Dec 2022 14:46:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5295-5f06bbbca070c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDtoFmCWz%2B%2B9JkRN9FzWukpg%2FBg5597MN9AM%2Bm67kpag%2FM7zSfxx8FotCXHowYfZik%2FgsdE%2F1Y%2FrxiGnujhR4ne8Nnt%2BYGRc6dlMyVlcvGb4s7e3riYFYXL1uHmjQPSeYSbYq%2BkipotExEVRmp%2FiCylyKAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d7798fe035f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

403

csw-polyfills.js
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain

https://www.civicscience.com/jspoll/4/civicscience-widget.js
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

0
0

71ms
18ms

Script
text/html

2600:9000:223f:9000:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Server: 2600:9000:223f:9000:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

location: https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date: Tue, 12 Dec 2023 09:11:45 GMT
server: awselb/2.0
content-length: 110
content-type: text/html

GET
H3 200 theme.js Show response
uintacountyherald.com/js/ 4 KB
2 KB 161ms
160ms Script
application/javascript 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/js/theme.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1b3793f1f30ddbc4854cafbf2b9bc37f21c9e6e16b5b87c5607c9f20f9bd77d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 22 Oct 2023 19:20:01 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"1121-60852fdfc7735-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqjxHq299hBStExIC2K2irJX37El9yHdI2VNUyMfwGWu3yyIElBv3GGSZNFNW4yBu%2BQ8FpK%2F2iygxXwb2auJ2VLqI1wNU7OqnKIvsDpUzMXrxQz2C3TWUcf5%2BvW8iwOgYKlMRn%2FOru%2FBjhAUdKqRv1Kby2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8344d7798fde35f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 4 KB
3 KB 89ms
37ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b32f5e6df197223f5ccba3786d782416b62d4d23600231122565e17f0487cb35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:44 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 19:55:55 GMT
server: cloudflare
age: 4484
etag: W/"108c-60bf0db0ca069"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8344d779ea9f91ed-FRA
expires: Tue, 12 Dec 2023 08:57:00 GMT

GET
H3 200 fb5d92c57a2887bd4a85b14e2f922ee0.jpg
uintacountyherald.com/uploads/images/2023/12/ 180 KB
181 KB 208ms
207ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/12/fb5d92c57a2887bd4a85b14e2f922ee0.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f42e706886029be7805a13172287841692f15f50c30412979eb21a0c6e6ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 15:51:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2d045-60bd952811ab5-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqdypFpdd2Cq6AiGC67nn4R6mBVLTOrn7cnMDz3LWCPLc%2FAVzsRiTVT5Mk3FOlGtPHKHvnEmzi9eCxOujSzrihATJvyb0FBt9BWcqZYr4YVVH3GYLqSJ%2FRM2JaB9RHmWVSQ9Wuitq%2BFan1q0aMpulwdDoqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d7799fe135f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 f39e628873afe0d1a3bb32cd58d33f07.jpg
uintacountyherald.com/uploads/images/2023/12/ 185 KB
185 KB 250ms
250ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/12/f39e628873afe0d1a3bb32cd58d33f07.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b87c52e78b851beab16105b18621ba47bb611088c525003b25a412781695835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 15:58:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2e3bc-60bd96b782810-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36TSJ32fHfRxyA2cTI9fO4OUO8MCAHAvuhtAa%2BhpWX2eo5OJRZi%2FBuDvF%2FHTjLgwjqvtwHbAYxQICLf%2B3TCRk4i4aWKAPAu9c7b16a%2B%2BCcJLJlI%2BkOdyLqRUI4ZHyJlT%2Bu%2F3%2BZpVWeRHtwHFXejrdtvlcsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d7799fe335f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 50144f870381f811e79d44fbc6c2846f.jpg
uintacountyherald.com/uploads/images/2023/12/ 255 KB
255 KB 251ms
251ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/12/50144f870381f811e79d44fbc6c2846f.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e24159ce6f12ce65b60f7351b064567ef38f17a12b44cb7301665afa469cef62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 15:55:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3fa89-60bd96290250c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxBunfMuWAQxc8wBCZiKqCMLLnjYYl9RGeYFsaEDrNfpdjSjoaWuDiMPFjMeHABRxqlOrxFiPGcqiDqxAyaH5p0KUYDlCKLud9ATazAK63fzjDm7q7%2FpdwqGGCVU0L9krMXL4ZYcgJy%2BYbV7E2k%2BtbEIMVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d7799fe635f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fontawesome-webfont.woff2
uintacountyherald.com/fonts/ 69 KB
70 KB 163ms
163ms Font
font/woff2 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/fonts/fontawesome-webfont.woff2?v=4.6.1
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/css/core.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Request headers

Referer: https://uintacountyherald.com/css/core.css
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 19:20:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"11448-60852fdfc4855-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BzlBYVQDdK0TOI5Fe9AsPcjMFUWx9%2FHY4APB7A4%2BdCw8fgLrXq1gfwQaly86awJTCFs7NTGyTkwWATmvgW3h%2FDrqwlip5WQ8ZXfz61Y4i3NzO%2FCPp8RXtQnDs2JSlITKnuphWHTNkmuHrRqbXqFRfn9JvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 8344d7799fe835f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 71ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,600italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:31:53 GMT
x-content-type-options: nosniff
age: 52791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 18:31:53 GMT

GET
H2 200 ;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=1393686;place=0;rnd=1393686;click=CLICK_MACRO_PLACEHOLDER Show response
ads.empowerlocal.co/adserve/ 2 KB
1 KB 474ms
117ms Script
application/javascript 51.81.49.106
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=1393686;place=0;rnd=1393686;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.81.49.106 , United States, ASN16276 (OVH, FR),

Reverse DNS

ns1002533.ip-51-81-49.us

Software

nginx /

Resource Hash

e13d6d6121bd85d046a6aeeffefc46f84fde31adf55e8d940db7bd6508618d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 13be919bc4d75eb612fc442ea8e8dc45.jpg
uintacountyherald.com/uploads/images/2023/12/ 113 KB
113 KB 538ms
537ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/12/13be919bc4d75eb612fc442ea8e8dc45.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96686edc68a7fc4fc7f466756ce58388ae0341888aa5a1484da538700bebeb9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 16:00:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1c3d3-60bd9737f6eba-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbVRXj7icUo%2BrDeS%2FBzZGncWzs17EwtOSWGCOZ%2Ba6wBcI4CAWAZrDzLgEL6iWZdsxfVEnVCZDdqY4pvJGpiavcVj6iZykz3Obln2U0y7y4OK9W5bi4cSaQAC3GV8gIkAIsd0FlhJxTOWTrAkJ0AIKilU71c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d779aff335f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 431 KB
135 KB 191ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1303
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138171
x-xss-protection: 0
server: cafe
etag: 7807444821274263820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:50:02 GMT

GET
H2 451 712559.gif
idsync.rlcdn.com/ 0
98 B 109ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/712559.gif?partner_uid=608fe090-ab5f-4dd4-b4aa-7e5e1a6c81fe
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 beacons
p.flipp.com/ 0
0 168ms
116ms Fetch 18.66.147.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201262363
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-37.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-amz-cf-id: qlIaw_gwjjt5IYeZzwTkrQ3-6eeReC536fFYU2GWFK_qhZCw2-jIKw==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 215 KB
30 KB 550ms
550ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2945631835796356&correlator=2572099706231362&eid=31079240&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=129995211%2Chome_leaderboard%2Chome_250_1%2Chome_250_2%2Chome_600%2Cvideo_250%2Cvideo_600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x600%2C300x250%2C300x600&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702372305347&lmt=1702372305&adxs=436%2C-9%2C-9%2C-9%2C-9%2C-9&adys=190%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fuintacountyherald.com%2F&vis=1&psz=768x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=728x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=0%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1437240365.1702372305&ga_sid=1702372305&ga_hid=1810723417&ga_fc=false&dlt=1702372304298&idt=1032&adks=536991170%2C1736459697%2C2382306415%2C3782939975%2C2568665865%2C176555470&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e79c36587b5dfab7dd7648e2dbb7844e8ab3c95f8f52ea7f86f8049d913da628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30357
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3CD4 6 KB
3 KB 119ms
55ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:45 GMT
expires: Wed, 11 Dec 2024 09:11:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

embed.js Show response
embedcdn.sendtonews.com/easy-stn-player/7.28.2/
Redirect Chain

https://embed.sendtonews.com/player2/embedcode.php?fk=Be6nXXXs&cid=12385&SIZE=400&floatwidth=400
https://embedcdn.sendtonews.com/easy-stn-player/7.28.2/embed.js

7 KB
3 KB

35ms
20ms

Script
application/javascript

108.138.26.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embedcdn.sendtonews.com/easy-stn-player/7.28.2/embed.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Server: 108.138.26.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c86dcd89671c80c395e7ba0543de4959828856f8c7c2ac9ad20f70c3686219f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:01 GMT
x-amz-version-id: AjsLvyFpO3lXdsbLEMs8lsqQX_ZgyyzO
content-encoding: br
last-modified: Fri, 08 Dec 2023 22:24:31 GMT
server: AmazonS3
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"d45278b7f12b0b655944b47999d88519"
age: 45
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: E0ZaEGa1gehpeY0mtd1IB_9Jn6_cs5gRfTvrJlkwnwe8TyeelMB-Hw==

Redirect headers

date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
x-cache: FunctionGeneratedResponse from cloudfront
location: https://embedcdn.sendtonews.com/easy-stn-player/7.28.2/embed.js
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: BtuJohgUeFJJeSuuvNiZLsBkxjrTETcNHEYv6WeQCPBiFT7Vcz5aRw==

GET
H2 200 app.js Show response
ads.empowerlocal.co/ 67 KB
13 KB 130ms
130ms Script
application/javascript 51.81.49.106
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.empowerlocal.co/app.js
Requested by: Host: ads.empowerlocal.co
URL: https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=1393686;place=0;rnd=1393686;click=CLICK_MACRO_PLACEHOLDER
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.81.49.106 , United States, ASN16276 (OVH, FR),
Reverse DNS: ns1002533.ip-51-81-49.us
Software: nginx /
Resource Hash: 19f017b060eef42c6c184a49c2293ba61282cf67189da8025a13dd7dd680e588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 19:03:50 GMT
server: nginx
etag: W/"65493896-10da1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Tue, 12 Dec 2023 09:41:45 GMT

GET
H3 200 easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.28.2/ 129 KB
0 47ms
23ms Script
application/javascript 108.138.26.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/easy-stn-player/7.28.2/easy-stn-player.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:10:51 GMT
x-amz-version-id: 1aGH_A6EJvsaoa1KEHdzD2R0ffhHl4DU
content-encoding: br
last-modified: Fri, 08 Dec 2023 22:24:33 GMT
server: AmazonS3
age: 55
x-amz-cf-pop: FRA56-P7
etag: W/"bc0d97e3d639f08e47d9b06385f03409"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6qS1sBY-BleQDM4iZRAfCEOQwyir1DxYIge5lH6r78raM60bre74XQ==

GET
H2 200 3bn9HZmLDDxZPChc5Fl2f0jvz9QXvsklsD1HFhzsdMXwnczKyXUOL7XpTy3tXwxzga4cXleMJayk29y5yoe9FdlEMyLok-RC3N4oVhGCwZc=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 31 KB
31 KB 118ms
69ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/3bn9HZmLDDxZPChc5Fl2f0jvz9QXvsklsD1HFhzsdMXwnczKyXUOL7XpTy3tXwxzga4cXleMJayk29y5yoe9FdlEMyLok-RC3N4oVhGCwZc=w450-h375-c-rj-l75

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5b6467920c3cb7305dc9c65ee037741d13bd2290b4ef2836a1f3366879e78b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:43:09 GMT
x-content-type-options: nosniff
age: 1716
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31242
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:43:09 GMT

GET
H2 200 cLkicI_pQeYDWnXX99k_5H61Qyaccm6yWCQZSuoN8SIVLO1GVee7H0AsA3ya-7OzOpQUmxx3pLqjvt58VEWwrnTe159LywYI9gSDRVUP=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 126ms
78ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/cLkicI_pQeYDWnXX99k_5H61Qyaccm6yWCQZSuoN8SIVLO1GVee7H0AsA3ya-7OzOpQUmxx3pLqjvt58VEWwrnTe159LywYI9gSDRVUP=s42-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad20339e327b45e5d8474685ecaf49b8e1a13cbd594b30995925babc631db34c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:43:09 GMT
x-content-type-options: nosniff
age: 1716
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1037
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Mon, 11 Mar 2024 08:43:09 GMT

GET
H2 200 ZJ0zQZDoQfnP4xQo61MVssT72TjrC8CUCbdVMO_sg12ksyxGi9qydKigibNcRvYQ2XzYcwJCDDiyZ1GtHWyKju3gs85Ctg=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 30 KB
30 KB 112ms
63ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ZJ0zQZDoQfnP4xQo61MVssT72TjrC8CUCbdVMO_sg12ksyxGi9qydKigibNcRvYQ2XzYcwJCDDiyZ1GtHWyKju3gs85Ctg=w450-h375-c-rj-l75

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

86b51f39bdbd41f0399476d7e3bae8f4a516870ba0f004d4a264eca6bfa1329c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:08:30 GMT
x-content-type-options: nosniff
age: 195
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30866
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 13 Dec 2023 09:08:30 GMT

GET
H2 200 ONUmFhgr3gpEl00HYlSoQT5kcgqvQv5duxHOM7B7TsX-7c9E4TYSqZ5LLL5lPIjfNHKOSYLBxwIgSPtWJAzn-YIlPFOm8eYhraaxeg8=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 128ms
80ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ONUmFhgr3gpEl00HYlSoQT5kcgqvQv5duxHOM7B7TsX-7c9E4TYSqZ5LLL5lPIjfNHKOSYLBxwIgSPtWJAzn-YIlPFOm8eYhraaxeg8=s42-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

53095f32e39fb8b46ee7b22995892f54054d91d9d900eb0c4071819710c3ff30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:26:13 GMT
x-content-type-options: nosniff
age: 13532
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1047
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Mon, 11 Mar 2024 05:26:13 GMT

GET
H2 200 fXX0VrD5eeroanODK0IQ4Dtg13oBCAPwDRTyUeJbbNil-I73RZNWaBwqfdLxYCk0y10CmJXpOsYkg0g4WseOkO-j9eYmHpicobYgUZEC8e8=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 38 KB
38 KB 96ms
48ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/fXX0VrD5eeroanODK0IQ4Dtg13oBCAPwDRTyUeJbbNil-I73RZNWaBwqfdLxYCk0y10CmJXpOsYkg0g4WseOkO-j9eYmHpicobYgUZEC8e8=w450-h375-c-rj-l75

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0a0c0f2eab4ab555fda1adc9789b6c3f8994f47c4fc8367940f434380577a44f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:19:12 GMT
x-content-type-options: nosniff
age: 13953
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38729
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 13 Dec 2023 05:19:12 GMT

GET
H2 200 4nbXA5iIrYtYKLceZePyAjkHlro96luVZjrcgY4gt8rE-7Ee7vl64ilOBBe94MkyUDp_yDhGJwl7qI4zJm05KIVLKcAYKK1fkGw30g=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 815 B
929 B 109ms
61ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/4nbXA5iIrYtYKLceZePyAjkHlro96luVZjrcgY4gt8rE-7Ee7vl64ilOBBe94MkyUDp_yDhGJwl7qI4zJm05KIVLKcAYKK1fkGw30g=s42-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

67ecb26f1d423b7350dded024f258fc8bb9147b6b5b9d20271f587990b23d414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:19:12 GMT
x-content-type-options: nosniff
age: 13953
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 815
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Mon, 11 Mar 2024 05:19:12 GMT

GET
H2 200 Mq8Jfaq495k3XDxteqBg1mWw0pyKw3z1uI0vKXh_DU9mNRqkeQbgdngmTw3zU8rLlXMxfRo_iPyDM_Ap2bqjcZjM7jGqjf3NUJbw7H5DNN4=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 39 KB
39 KB 51ms
21ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Mq8Jfaq495k3XDxteqBg1mWw0pyKw3z1uI0vKXh_DU9mNRqkeQbgdngmTw3zU8rLlXMxfRo_iPyDM_Ap2bqjcZjM7jGqjf3NUJbw7H5DNN4=w450-h375-c-rj-l75

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3d9cdeec92af3510ba5623fc29801ffa6697763283efbeda8c5448487f9fc626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:10:30 GMT
x-content-type-options: nosniff
age: 75
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39803
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 13 Dec 2023 09:10:30 GMT

GET
H2 200 Pv_ZgK2EshB_wbbqveILOnecYEJDuos08xGHSVJ4TeeY18UovGuO_-Ang3NZ1QrxGBU4U8Gm0REDxtpQSGPzUr0ugny_BSPDqSSUFg=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 91ms
62ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Pv_ZgK2EshB_wbbqveILOnecYEJDuos08xGHSVJ4TeeY18UovGuO_-Ang3NZ1QrxGBU4U8Gm0REDxtpQSGPzUr0ugny_BSPDqSSUFg=s42-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

571e6ef5f0f42035a8258727dca3280f7cbec5a1dc22fc452abd9c88166b14fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:58:12 GMT
x-content-type-options: nosniff
age: 4413
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1030
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Mon, 11 Mar 2024 07:58:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
54 KB 86ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6JN5TJ

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9a1d391df4326adc68083643132875ce7d1a1c8cfd5123c004ca46c9130f191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 54561
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 09:11:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 07:48:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5011
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 12 Dec 2023 09:48:14 GMT

GET
H2 200 hotjar-467830.js Show response
static.hotjar.com/c/ 10 KB
4 KB 101ms
52ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-467830.js?sv=5

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

bc769cbab72e02795d48add141147ffc0503831975c3f684e766c024083e5e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/78712d777da5c53077df6f4e9d31625c
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: t4SHvHnw1S289HIQBKeZD-pZhnLcFrGEJtCrAS4iqxgesxd3ODgzsQ==

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1895.006-3.034/ 187 KB
57 KB 37ms
37ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 17:45:04 GMT
server: cloudflare
age: 8319
etag: W/"2ede2-6099387db510d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8344d77d6e3d91ed-FRA
expires: Thu, 11 Jan 2024 06:53:06 GMT

GET
H3 200 d0f58a274151fd72c8c413c523dcfac7.jpg
uintacountyherald.com/uploads/images/2023/12/ 393 KB
393 KB 187ms
186ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/12/d0f58a274151fd72c8c413c523dcfac7.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 686fedba9281ed039405add4650b1d3b0a659d5720a7b88047d6f4c440028099

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 16:11:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62342-60bd99b2865b1-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcKTbTKXiI7q5%2FfW1TkjaMxLu7UjzTGj9cWEoomf7aEB6igG2znCH7zYtIJtVvv7HJlbhh4FgE4chIWLeSrYmDeCXePAzB8mNUpfzJaU4sIzt1JdcKAowYN0SsQw2Iseg4KMvfqzMOo9zP29Tni6zaiN7Xo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d77d6cdc35f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fc03dabd538bd318c35ed8e2c94da9b5.jpg
uintacountyherald.com/uploads/images/2023/12/ 154 KB
154 KB 201ms
200ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/12/fc03dabd538bd318c35ed8e2c94da9b5.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f113d6b3b4aee5e8116cddd5fc375f5b2a582dcad71da858675115fc05975a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 15:48:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"26723-60bd947d13656-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVvPGHDhXQ9QseW3pFCr0nUm%2Bk7cVju7zCA%2BpoctdgtR57E2M76fUr61AJ3tWszr%2F6QduNTof%2FvlYj4UvcULx6%2FHsOPy2c5k8hmUpB5qmrUvWQPCuFSdrpzD66POMQiDGiVo1Sp%2FTT0ahfJ7saE5BAjo6uM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d77d6cdd35f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 6cd6b89d607ac1ad6b07cf14086e5114.jpg
uintacountyherald.com/uploads/images/2023/01/ 76 KB
76 KB 192ms
191ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/01/6cd6b89d607ac1ad6b07cf14086e5114.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 523a9533f11df3058a5b0b01a77e91f3e6ad122daa14d874082fa906aaabe484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 20:23:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"12e04-5f344a1db15b0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QfMkS3YTP7D6rOvWqWbsUdWtXz7sD6OnvZGDJzVyOB6OKTs5sMcZ4nydL88zU65XzoVxAksOIlbKXlOjnvTSaL1c6y3mfIX7%2FSh%2FalZ%2F6uyh4EJw%2BW9HJobwy%2Bk2zgKxKNZLvuacVDJX2FJQ%2BBeoacV4O4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d77d6cde35f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 38bb8baf61b2076f72cf18b0fd3337d7.jpg
uintacountyherald.com/uploads/images/2023/12/ 45 KB
45 KB 196ms
195ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/12/38bb8baf61b2076f72cf18b0fd3337d7.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5b91b74c3adc2d12f3ca42eeb69a8c59adac9f59e9fdf30d62504d1be9835f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 15:42:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b3d0-60bd9320cc77a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWykgn6dbeEeHKDI%2Fb9JVJRlhvC9GSquecyrIZwq7iL58RrNEViTanxiHocUFRtqa8XETDaM00EWqbJqKmcPvMyMc43BBK2Td4%2FEWUyI35HDZoOg4Cm7DYKuXdMEOGYCTB3XnqRamky4M2a0Yaks5KiVfrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d77d6cdf35f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ddfcaa306589d968a789291194a71028.jpg
uintacountyherald.com/uploads/images/2023/12/ 181 KB
182 KB 180ms
178ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/12/ddfcaa306589d968a789291194a71028.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31dbbbb5c30a712330adbc2b972672b647b5d529b61f80e41db287ad4e22b38d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 16:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2d5a4-60bd9a8441cf4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZbJ2HTEn2tj2xcLdeexKF2TwXXTqGI9PjZTSYKqpLBSr7JwBWjsxaNqSoUi1fQsVcieMhSg%2BBwC2qQrxCQq%2FWWJMGWd%2Bn3nfmUSHT5MrAhtgmStB2LKz49dHHAvYG5Fl3HVemjAamnPlJn8uE2FE8hq2lw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d77d6ce035f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cfe590ee8a81ae4dcad696bfcb6c981f.jpg
uintacountyherald.com/uploads/images/2023/11/ 274 KB
275 KB 557ms
556ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/11/cfe590ee8a81ae4dcad696bfcb6c981f.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5862220784f844113ad16eedf12743d614552bace6a760c4a1e4e457b952d9db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2023 22:29:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"44959-6091ecd0e67f8-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pER3PlG6VAK3d%2B%2B8X40Rk52MwSG5lefTA4ZiOxHd49GmOHVRErvDfY4dUQ9TiwuZUCT4azp2wNRGOqaNY3ETrrSJPMKc6A6qGyxckLt6vTB%2F0HjNTixbSaBXHz2sElrXwS7Xwz7DnQkuXPKsWrNSy71Bg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d77d6ce135f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 e3755c73d80447f2a609566f98e79feb.jpg
uintacountyherald.com/uploads/images/2023/12/ 62 KB
62 KB 277ms
276ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/12/e3755c73d80447f2a609566f98e79feb.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8474f9e1881168604c01e39f4d19582013103892de0ea195c5dbf0c41a5b5611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 15:43:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f717-60bd936c77ee5-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVSCYAHrsCNM4VpdX3Z1zVggwq260mrmRiNa2BZvcpi8PoS3vYS%2FaZqcPHuVRVcfiiGZfJ0tZE5z%2FIte9wQfZkdTIxs7fgW38M8jqwML4Nh6yyE2tbpXt3X%2FnJEVmw%2Fcq6IORZyDChMZqTZ7aD2mpFkSWu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d77d6ce235f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sprite_icons_6dc7d94.png
www.justapinch.com/images/ 22 KB
22 KB 106ms
23ms Image
image/png 130.211.10.17
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.10.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 17.10.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:44:39 GMT
via: 1.1 google
last-modified: Fri, 24 Nov 2023 04:30:31 GMT
server: nginx
age: 480426
x-who: gcloud-web-1
content-type: image/png
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22292
expires: Thu, 05 Dec 2024 19:44:39 GMT

GET
H3 200 56d27839db85b1e3772b4a3aa7b07924.JPG
uintacountyherald.com/uploads/images/2022/11/ 7 MB
7 MB 288ms
287ms Image
image/jpeg 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2022/11/56d27839db85b1e3772b4a3aa7b07924.JPG
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 107121045a7853e68204b1a3d59ff54da0161a5e601fbb7977e964f4c9105031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 18:24:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"713fc5-5ed21e3dade45-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZyYWKtdzz2usp1GxeBzlCwdKcIQAoAVpzlkgLTRXvAOw1cWlYWcEaomZeh53u9EW8mYbKDxEyP8ARAKOmL4exT7d5PnDtTf%2Fw4pu4zPS7s15qarpw1Omvf3qVoMeRowNnOwOBz5%2BFYWVc25g%2FynIG0kUWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8344d77d6ce535f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 glyphicons-halflings-regular.woff2
uintacountyherald.com/fonts/ 18 KB
18 KB 32ms
32ms Font
font/woff2 2606:4700:3036::ac43:9f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/css/core.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://uintacountyherald.com/css/core.css
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 19:20:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 728
etag: W/"466c-60852fdfc57f5-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nr36FrB1T7vKQN9u9sFbJ9%2BCumFlhtJK7Gsy9%2BtiOqqXcflKGLtQPBwh9DIPBv5nfHklJssF71EhfrZ2%2Bd8mJugAvfRHndiYLC0H2Lx%2FrECuKs0xA74yIUoVcHafbD5Lu5EpDpFGYJy6o7NS73v3JdyCc5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 8344d77d6ce635f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 222 KB
67 KB 122ms
35ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:25:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=27792
accept-ranges: bytes
content-length: 68444
expires: Tue, 12 Dec 2023 16:54:57 GMT

POST
H2 200 campaigns Show response
cdn.ads-flipp.com/flyer-locator-service/ 135 B
548 B 164ms
114ms Fetch
application/json 18.66.97.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ads-flipp.com/flyer-locator-service/campaigns
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201262363
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-86.fra56.r.cloudfront.net
Software: envoy /
Resource Hash: 829731dcdf08025f3d898c8c3a68acb42b0496dcdd8fc61f85ec5dbbf6a69b02

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

x-trace-id: zayiIKGU7hAIZWqp4E6VJQG87fz_TlR8dKuo-MTsud4QvtrXsA9TBg==
date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA56-P2
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
content-length: 135
x-amz-cf-id: zayiIKGU7hAIZWqp4E6VJQG87fz_TlR8dKuo-MTsud4QvtrXsA9TBg==

GET
H2 200 ;MID=181918;type=e959fb862;placementID=1756037;setID=517063;channelID=0;CID=0;BID=520639829;TAID=0;place=0;matches=%5B%22home%22%5D;contKeyMatches=%5B12787%2C12790%2C12792%2C12793%2C12794%2C12795%2... Show response
ads.empowerlocal.co/adserve/ 0
342 B 436ms
110ms XHR
text/html 51.81.49.106
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.empowerlocal.co/adserve/;MID=181918;type=e959fb862;placementID=1756037;setID=517063;channelID=0;CID=0;BID=520639829;TAID=0;place=0;matches=%5B%22home%22%5D;contKeyMatches=%5B12787%2C12790%2C12792%2C12793%2C12794%2C12795%2C12796%2C12797%2C12798%2C12799%2C12800%2C12801%2C12802%2C12803%2C12804%5D;contCatMatches=%5B10595%5D;referrer=https%3A%2F%2Fuintacountyherald.com%2F;mt=1702372305308293;hc=78c5cbb68563008f57c44c223ce1ffcccd98ece5

Requested by

Host: ads.empowerlocal.co
URL: https://ads.empowerlocal.co/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.81.49.106 , United States, ASN16276 (OVH, FR),

Reverse DNS

ns1002533.ip-51-81-49.us

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=171437;size=300x250;setID=316820;type=async;domid=placement_316820_0;place=0;pid=1393686;sw=1600;sh=1200;spr=1;rnd=1393686;kw=home;referrer=https%3A%2F%2Fuintacountyherald.com%2F;click=CLICK_MA... Show response
servedbyadbutler.com/adserve/ 751 B
809 B 168ms
48ms Script
application/javascript 185.245.80.231
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://servedbyadbutler.com/adserve/;ID=171437;size=300x250;setID=316820;type=async;domid=placement_316820_0;place=0;pid=1393686;sw=1600;sh=1200;spr=1;rnd=1393686;kw=home;referrer=https%3A%2F%2Fuintacountyherald.com%2F;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: ads.empowerlocal.co
URL: https://ads.empowerlocal.co/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.245.80.231 Poplar, United Kingdom, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

Software

nginx /

Resource Hash

5ec2b063aaafc7a907573cc7f484d1af72cbbea98b8b5ea4980bf016f45c9e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame E9BC 0
33 B 147ms
137ms Document
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3305933&wsid=0&pdom=uintacountyherald.com&purl=https%3A%2F%2Fuintacountyherald.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8344d77dde9391ed-FRA
content-length: 0
date: Tue, 12 Dec 2023 09:11:45 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
35 B 142ms
135ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3305933&wsid=0&pdom=uintacountyherald.com&purl=https%3A%2F%2Fuintacountyherald.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8344d77dde9491ed-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 326 B
528 B 140ms
134ms Script
text/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3305933&wsid=0&pdom=uintacountyherald.com&purl=https%3A%2F%2Fuintacountyherald.com%2F&jsv=1895.006-3.034&_cb=17023723055640
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7a8f3ff2b3866e14052dae0c6a44361293b8e58c6c08c01d1ba689a8e602ea2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/javascript;charset=UTF-8
p3p: CP="NON DSP NID OUR COR"
cache-control: max-age=0
cf-ray: 8344d77dde9591ed-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 beacons
p.flipp.com/ 0
0 201ms
200ms Fetch 18.66.147.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201262363
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-37.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-amz-cf-id: gVVLLebgH-d0i8qQu-Jdz9Afv9HjXhtbwLry-Ti6Tsmp3eQdOXVRIQ==

GET
H2 200 modules.0ef46a83101151841364.js Show response
script.hotjar.com/ 218 KB
55 KB 74ms
25ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0ef46a83101151841364.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-467830.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

72d0e968a2bc13b2b3af3a39d1aa6f240e37b3054feaf1ca31b18399974111fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:44:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 408458
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55456
last-modified: Thu, 07 Dec 2023 15:44:01 GMT
etag: "4f152a0a4d20e1d992c5c15c49e98463"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 6H3p2sVKVJ6xSOIf3j6MKiy2hTNbw2IjC4JtO2aTPGLxJ5NHBbfO_A==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
226 B 28ms
28ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1810723417&t=pageview&_s=1&dl=https%3A%2F%2Fuintacountyherald.com%2F&ul=en-us&de=UTF-8&dt=Breaking%20News%20from%20your%20Local%20News%20Source%20Leader%20in%20Evanston%2C%20Wyoming%20%7C%20Uinta%20County%20Herald&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=2085666844&gjid=723786419&cid=1437240365.1702372305&tid=UA-6994918-32&_gid=210403132.1702372306&_r=1&_slc=1&z=1387289174

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

977f1afcfa3cca65301bdd18357f8a34ed8a5d119480930ad6c3dbe76062cd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 85ms
28ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6994918-32&cid=1437240365.1702372305&jid=2085666844&gjid=723786419&_gid=210403132.1702372306&_u=IAhAAEAAAAAAACAAI~&z=48203435

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 12 Dec 2023 09:11:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
79 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J19JFGRKPN&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fb72c620a6d9a6e53264edb38b2c8182181bc81b6a4b1c6554c75525feedd6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80797
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 09:11:45 GMT

GET
H2 200 ;libID=4003237
servedbyadbutler.com/getad.img/ 34 KB
35 KB 48ms
47ms Image
image/jpeg 185.245.80.231
Global ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=4003237
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.245.80.231 Poplar, United Kingdom, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),
Reverse DNS
Software: nginx /
Resource Hash: 54752dcb83c99b17958a23016c9e151717cc669ae78cc983af844a1e2cfa6c94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
last-modified: Thu, 16 Nov 2023 09:14:13 GMT
server: nginx
etag: "6555dd65-88cc"
content-type: image/jpeg
access-control-allow-origin: https://uintacountyherald.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="WDH_988_Couple Dark Blue Display_300x250.jpg"
accept-ranges: bytes
content-length: 35020
expires: Wed, 11 Dec 2024 01:11:45 PST

POST
H2 200 doq.htm Show response
rt3062.infolinks.com/action/ 2 KB
1 KB 240ms
177ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3062.infolinks.com/action/doq.htm?pcode=utf-8&r=17023723057171
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 547e07fc2263ec5546de4561390cfed1f130ae18b87024d66e7f08ddd9f60d95

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-language: de-DE
cf-ray: 8344d77f3f932ba3-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 54 B
493 B 114ms
53ms Fetch
application/json 18.66.122.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=277191

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-107.fra60.r.cloudfront.net

Software

envoy /

Resource Hash

47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 54
x-amz-cf-id: _8vEAv10JoZHdTXEDd52h8cnLU898VbkcKWNkQV_7BtbsZoyyIrv3A==

GET
H2 204 sync
trends.revcontent.com/ 0
0 115ms
54ms Fetch 18.66.122.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/sync

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-107.fra60.r.cloudfront.net

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: envoy
x-amz-cf-pop: FRA60-P2
vary: Access-Control-Request-Method,Access-Control-Request-Headers
x-cache: Miss from cloudfront
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -L5bPLAacEtd6xoF5rOz0fDOg_4L22YR1d_jMuNTCM82HLCIXCpjcg==

GET
H2 200 preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js Show response
script.hotjar.com/ 190 KB
42 KB 23ms
23ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0ef46a83101151841364.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

68947e9ddb590b11f6c1250e1080ff031fb91fddae5b9d41eb307a20ae306e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1701878
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 42783
last-modified: Wed, 22 Nov 2023 16:26:24 GMT
etag: "238d00d7f9c895e9f37ab6355e0076c2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: SJ78-xZr1JFizvPy39fYkBkf3-NF0q-GOXNRCcn2pyjfzXaOUyWrvg==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 78ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J19JFGRKPN&gtm=45je3bt0v9109201154&_p=1702372305490&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1437240365.1702372305&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fuintacountyherald.com%2F&dt=Breaking%20News%20from%20your%20Local%20News%20Source%20Leader%20in%20Evanston%2C%20Wyoming%20%7C%20Uinta%20County%20Herald&sid=1702372305&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2169
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J19JFGRKPN&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 30ms
29ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J19JFGRKPN&cid=1437240365.1702372305&gtm=45je3bt0v9109201154&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J19JFGRKPN&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 86ms
37ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J19JFGRKPN&cid=1437240365.1702372305&gtm=45je3bt0v9109201154&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=630421629

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 85ms
35ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6994918-32&cid=1437240365.1702372305&jid=2085666844&_u=IAhAAEAAAAAAACAAI~&z=796561421

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 80ms
33ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6994918-32&cid=1437240365.1702372305&jid=2085666844&_u=IAhAAEAAAAAAACAAI~&z=796561421

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 beacons
p.flipp.com/ 0
0 199ms
199ms Fetch 18.66.147.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201262363
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-37.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-amz-cf-id: WU25-VZUAIBR6RDI9oJC0yH7sjS-BXoCOHOQfPDTNWlIqJYBZ8tk-g==

GET
H2 200 font-hotjar_5.65042d.woff2
script.hotjar.com/ 2 KB
3 KB 68ms
22ms Font
font/woff2 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/font-hotjar_5.65042d.woff2

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 8760145
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 01 Sep 2023 09:38:54 GMT
etag: "c9fb9163f8b7be37023ebe649688bebf"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-robots-tag: none
x-amz-cf-id: 2gaT2pWTjlUhTeRshHmazhVN4kfRWSk_A1i7BI2KAA7rJXBgokG9XQ==

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 13 KB
8 KB 127ms
126ms Fetch
application/json 18.66.122.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=277191&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fuintacountyherald.com%2F&icr_url=&va=0&time=1702372305860&up=pc&bn=chrome&bv=120&widget_width=1060&style_id=0&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-107.fra60.r.cloudfront.net

Software

envoy /

Resource Hash

07eed7e0100bca5e615f4cbd4297204902d38b0470dbf0fc78687c354c16a115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 79
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: iW0UEpdYoxIEj5FPz5YsigZrDYv0xbmaZsjiFNnGiCgNLG00fnJhUA==

GET
H2 200 container.html Show response
3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4471 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:45 GMT
expires: Wed, 11 Dec 2024 09:11:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A184 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:45 GMT
expires: Wed, 11 Dec 2024 09:11:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 180A 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:45 GMT
expires: Wed, 11 Dec 2024 09:11:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EE4B 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:45 GMT
expires: Wed, 11 Dec 2024 09:11:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EA51 624 B
825 B 153ms
62ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUcntDjuc4fhdiC2TCZ_xG48WMgkeU9i9_Dn6H1toNsB81xMo7skAii612YKj6XlURyXCQ1pWXJjQ6betUlKw09txBzV59_Dz9FGpvB5_iTEfVcfG83k5lw_16_g2yLtU94Nzj7kND_xRCHKyW20py-TotBddyjzRcCQj65XMrw41XUEzs

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:46 GMT
expires: Tue, 12 Dec 2023 09:11:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4471 89 KB
31 KB 133ms
88ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:11:46 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4471 42 B
173 B 103ms
59ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrTVxhg4jM0qKvjqYexZZ9KXQ6JGwRilbd7OMX2AGnE9TOQs8kFrCTI7_hRMgm3Op-9E1wRGKRyGLxTnINmiSAupTqUDVhoXU4py4ctXAb8erF2Yg

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4471 3 KB
1 KB 149ms
56ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4471 20 KB
8 KB 117ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4471 203 KB
64 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:11:45 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame AE00 240 KB
60 KB 264ms
152ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXgj0QAGIqoIVSUuAA490lbfphOX9AYoyKrXqQ&u=%7CVlUSK7hdHRtAqC22zvHIPq2wDegYpuySWesHgZP5%2Fh8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRRk0p77j3wRumtxgql90VCft6Tx_dGkbmjJDqiSU-5iaaO351e886TbZHQWMVZQXFDjNmFB6uXfCex8e_DGfMGy1axkGyrR0NISbACjWnTEaP4OxhWwhHmdkUDQ8ArvCtVCzGZHsXNNF_It6Y0k-IMrUiCuPVkwiFqpT0neSkdG9uGwk164a0pApjS2FGLn_yM7p9gDSbNkS6UiPD_bmBKI-O7AUwT2y86ndSwzR32_ZTt5IcAXYqVzDh2oV3CHu1GrZ8_EjftISXFhqAArlOXrjEJn343ur8y1cldUNlhbvGTexQ1e9KrHpGEE-XmyTUbXPJY3pyYc4oykAWrbsJmUgy9ZtxGmislXC9udXTG3duQ2hlgVPOFcyGXuL3HT938k9Cw6uWpnczLIkFqxZkHQhrg222ngrmyQ3WwWEZj1-Y2euLMVTjeBra76IjqK63_aKt1tStQyz7usKgqAeNbOyCbdpHv5R7Is2n9Kic6Zqrl3aMq_90oljr5Nnpj33qIR_WuKswraMxZStPhaS0-lFNb6c2zgv7H-sTdqmGsREw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJ2h0SN4ZarFGK7K1PIP0vu4oArJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTI0MjE4MzY5MzM1MDIyNDLIAQmpAlzkY4S1ELI-4AIAqAMByAMCqgSfAk_QTW8YgIQXhL4EwVYtpzGQI5qdujvBxvrpRQKKIVKP34DkLl4o91JECCp_fjuJfCkib-oh8pS-ZE4Ik_5XsJGnv3mfgttsy2YgOcLlobJeT_G0LL_ySUaO-ROLWEITI8uUtdPaMlIjfreTHY7lLeZJuNcx4q56OGmKBS0_6sdgrdrZpFATCaKTlY-cTxO-4UOr-YT5lqwD-Vxga3-xZQ3oSHKC65TioHqGRtO_6euP-ypEDuh0-hHtp1dGhUQd1abjq1S3rkFX0eh0kDUukjRZVbytOFYxp5BuAGnuB6N2WD0yYPILg4Dh5DtVGHq1snyAe6-Ch5nEn_t8BrBmgLzJczfaCY5gcTABHMtmJ8uETR-RhBDw58P97PCsPjb24AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlJGmhMeJgwP6CwIIAYAMAeINEwi4zqaEx4mDAxUuJVUIHdI9DqTQFQGAFwE%26num%3D1%26sig%3DAOD64_1peTgFRCT6v59ezUeKpL6DNFmB5Q%26client%3Dca-pub-2421836933502242%26adurl%3D

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3611b1c58c65cae7bf3747990d6eabae2d7aa206988f10d2f4815b4b93031c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=LMoQoKGB0Kc3uoZKEcdisezS97QrSfYBrLa7GZUhvguR3rLDtIDsQ9usUfwCnR6cml0JppddRDJSn4DF0O9NBJLz33RDrBaA0vDba_kjqEb7yszwoSnJWl96tCUM8r9KCrRYtKtqOfcyFI06W1K92VUkiJLCikhz8vHH4Pi4NPtvzWwuMEmOTTB_nBWknZg_aQfMyzd_9OYz7FXNjp7zwnCtkNpFCJ_e5_EVSvo_6kfgxD863MNeKy_Vgk4"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 77912998
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A184 3 KB
1 KB 135ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A184 20 KB
8 KB 109ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A184 24 KB
6 KB 128ms
48ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A184 203 KB
64 KB 101ms
96ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:11:46 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CB36 156 KB
50 KB 205ms
101ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXgj0QAGIqsIVSUuAA490l6T_QxEZG4Qq2dlVA&u=%7CVlUSK7hdHRsAhU7cLc9yODiqQ%2BqrPpsEsObvqMyOpjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZU_xMDa_8YKdjyFkxqQfHiccAXkR_4dOyUQxe_m3cY5wsBBxyrXgB8Y7MwCFzBtkctb0Bi0EUm_l-VWq-iun5oPTHeFbNdOOmdRLnDnC3YQkAvWDR01AJTF-xy_i_4YYNuMbfF3dZ6ggxqXISyNBO8WpVAt0wQLjxGXbNfGQJCsHasGXkh53AiiG99Imz2aWMiv6Kb_stfrIewvKGjRSWYoyZW_4KfODza7mDafEkenUafbBehgvPplmZ50GEYBpLJjAh4ZSZqe2tC9hrg8M2M83EXbrY4SHsUsfQ-qyX_3Yv_UFLWngQUOrnFuRfZ2vQRSOI88YTkyMG6NbMAX_767KnH-OQzAnDTNh87Ua2TBR-XW27pCm7kSa4Y_DV4AihNET_fiexdpMsDl_UJgv88qyb1AwzG4nT0QKKsxkAhoqlOA_MzrmufLjQPdG7r6ld10XrBR8XhlrKAddWUAeRfnDXpBDmfuDZEMQZqG2F10fUCkIutVH0loVk33cF719NhTTdrSajmW_iSQloCg38H9p8pFLpIS4Ts&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcza10SN4ZavFGK7K1PIP0vu4oArJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTI0MjE4MzY5MzM1MDIyNDLIAQmpAlzkY4S1ELI-4AIAqAMByAMCqgSjAk_Qpxnxm0Uy-ne1fofyKOABwDkzVBwATO2LOvhFZ66_INOe9u1Z2frpGXy5nmnhLWZYlrie9mwZ_IOyrf9jfsD5YkqkyQV9XZAHU-mfl7eJ476xqkw_3GeZ2ZHhOK77lO5iDgO0PwTmAZ_43FudtUdwWvV9Wrp_OOvd0HDRwpQn8vCuPmQtrZpdTHWi14i_BY4dWI8_4FIcfNTLbHm8ZAR_SRoWjOqNw-34bscCoUS01xtFcipqtNHTY2Q8C4bGbK-EHVW55bPau149_iNY3EzUwGzxf4k8V0BkK1VarjWhqKLS9EKkD0kAd7g4dYCqdeA-LQkEJ8Ex3jXQajE77JWk_uICqWTfAyxPESOoHZu9ZJhh7xmQSOp3VmXkDRWOQbl4HeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSRpoTHiYMD-gsCCAGADAHiDRMIuc6mhMeJgwMVLiVVCB3SPQ6k0BUBgBcB%26num%3D1%26sig%3DAOD64_284hdZPb9wiIgiIyt5jjQ83SwjzA%26client%3Dca-pub-2421836933502242%26adurl%3D

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

72d74a19116607e044b3d2e3aa67475da4791c0f5e38a1545fc3a8ea58fdb2d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=4gM4HqGB0Kc3uoZKJZuGIF4SZMT5YCFaUkEhB9QW_b9xzFpABBtrCi-2qZaIg-bFPGzKWQ-IDX1Yox4M0mc2lE25RCEZF1ao2bj7AkOqI53npHPvxUGLmzyqF3rDLrFE5TSEtqSVHXvwj4mYxzGlqtwQlHBVjKovTES0lx0MGwJzPYLRTzscrQNINbYshAJ3WhbEnLbmmNeUM5x-jyivQQrB4IfXp2g446_cNMLPjR8sQ73aNgqP_oL4GjKAF3n4OCA8Og"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 51973495
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 180A 3 KB
1 KB 130ms
57ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 180A 20 KB
9 KB 95ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 180A 24 KB
7 KB 114ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 180A 203 KB
64 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:11:46 GMT

GET
H2 200 in_top.js Show response
resources.infolinks.com/js/1895.006-3.034/ 81 KB
33 KB 37ms
37ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1895.006-3.034/in_top.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6cbc6e0c356ead580f680048e3925fb5d55b31ac9dc3eab2ef79cf0a433b219

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 17:45:04 GMT
server: cloudflare
age: 8719
etag: W/"1430d-6099387da1887"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8344d78068ab91ed-FRA
expires: Thu, 11 Jan 2024 06:46:26 GMT

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1895.006-3.034/ 225 KB
89 KB 34ms
33ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1895.006-3.034/in_search.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1b618b508d6e2c3ab4c4d98feeddfdb66e6d87d9dcfd88097f1d85480c3af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 17:45:04 GMT
server: cloudflare
age: 11780
etag: W/"38471-6099387db3d85"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8344d78068ad91ed-FRA
expires: Thu, 11 Jan 2024 05:55:25 GMT

GET
H2 200 bubble.js Show response
resources.infolinks.com/js/1895.006-3.034/ 156 KB
46 KB 55ms
55ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1895.006-3.034/bubble.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59ddf97f6e2d2c730808590edffb1c8caf4569dc1f10eb24c374e445911e6841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 17:45:04 GMT
server: cloudflare
age: 9389
etag: W/"2702f-6099387db510d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8344d78068af91ed-FRA
expires: Thu, 11 Jan 2024 06:35:16 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame EE4B 94 KB
32 KB 543ms
409ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: a2592b93b5f78c6fea9afe7755e9c68ce5a4497f7f6f508339bb4f78a0bced38

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Origin: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
content-md5: 0IifNkWfS/H6/qNjoR1Zaw==
age: 327952
x-cache: HIT
content-length: 32182
x-ms-lease-status: unlocked
last-modified: Fri, 08 Dec 2023 14:00:00 GMT
server: ECAcc (frc/4CD6)
etag: 0x8DBF7F5F8117829
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 334de952-301e-0023-44df-29dc0a000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame EE4B 80 KB
28 KB 131ms
35ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Tue, 12 Dec 2023 09:11:46 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 2315086
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21956-LGA, cache-cph2320059-CPH
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1702372306.091563,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 11, 1346033

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EE4B 3 KB
1 KB 118ms
55ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EE4B 20 KB
8 KB 108ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EE4B 24 KB
6 KB 114ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE4B 203 KB
64 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:11:46 GMT

POST
H3 204 impression
trends.revcontent.com/event/ 0
0 77ms
55ms Fetch 18.66.122.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.122.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-107.fra60.r.cloudfront.net

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region: eu-west-1c
date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P2
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: lpS3hpnmDdmPNedt0KQ-JYmAkb4h_cHIi7M-Z85xy5KvaMK37_i_wQ==

GET
H2 200 css2
fonts.googleapis.com/ 34 KB
1 KB 30ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fad08488ab9bdf68897a3a6eeb699584c94d259cf814b1f81a330964852f0274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 08:36:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 09:11:46 GMT

GET
H2 200 brandWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 65 KB
16 KB 25ms
24ms Script
text/javascript 99.86.4.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-45.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77ec5c81993e8de7cbd15ba2a0ac46136b8c8fb1a2e9756096e071447c83296f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:29:29 GMT
content-encoding: br
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 21:29:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 42138
etag: W/"5f980ad861fd561beadfaafc229cad32"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fNEVUvRrKCGGzHQ2iVLCTyWeZhiglskMYGQHPU1LhI5dE20sd3Oypw==

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 30 KB
8 KB 26ms
26ms Script
text/javascript 99.86.4.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-45.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53203ef7d7c97068a4425546fc8797acbc7e61d7e3df6cd8379dab5c2b1a845f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:29:29 GMT
content-encoding: br
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 21:29:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 42138
etag: W/"dd527879624f94aec37115fb12409ec9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _ISvl9aYAHsai9CNuU5voQB1ZfdffehPgav8Io8IeeC2xA7jdrld3w==

GET
H2 200 feedWidget.delivery.js Show response
assets.revcontent.com/master/ 34 KB
10 KB 27ms
27ms Script
text/javascript 99.86.4.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-45.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50e372c4006f72fce6d43dbf0304aa4c286dc8a967463b556c7f52bee289f634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:29:29 GMT
content-encoding: br
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 21:29:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 42138
etag: W/"f9533bc1fb4c84dc9fa25a7e2a01ce4e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: RYr-QlNLsmuzRONMsEwI0XTvY-0jxeeDgadVS6Q36l2HVi-foILpcg==

GET
H2 200 /
img.revcontent.com/ 1 KB
2 KB 77ms
22ms Image
image/png 18.66.97.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-21.fra56.r.cloudfront.net
Software: envoy /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rc-region: us-east-1a
date: Tue, 03 Oct 2023 17:55:57 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 15:43:57 GMT
server: envoy
x-amz-cf-pop: FRA56-P2
age: 6016549
etag: "a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
x-cache: Hit from cloudfront
content-type: image/png
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
content-length: 1351
x-amz-cf-id: 8T-gmGgrSVKCMk-PNACg7YU51PjhjYl_7Q9CbjTJKHlFgoewPo8PsQ==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:31:53 GMT
x-content-type-options: nosniff
age: 52793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 18:31:53 GMT

GET
H2 200 65422d025f83d4-40593098.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 10 KB
11 KB 89ms
22ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/65422d025f83d4-40593098.png

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

6e9008b75bae2d9bf3cb46fdf073f01b96d33d1c6e3b2c017a09dea5fb52fcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Sat, 09 Dec 2023 19:28:41 GMT
x-content-type-options: nosniff
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 222267
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10354
last-modified: Thu, 02 Nov 2023 15:20:36 GMT
server: cloudflare
etag: "8be697a1691208aa91b88b693b90ce54"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
cf-ray: 82f5f7723aa0390e-IAD
timing-allow-origin: *
x-amz-cf-id: zwBFn_6QoDUW6trOq_3rApNjEyLHMzJnvzrG0aLJ5iUaXeQ9x6nPxQ==

GET
H2 200 6577243fdf4271-62238014.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 15 KB
15 KB 113ms
49ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6577243fdf4271-62238014.jpg

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

6b020ee43746d3f2faa3c575f6755f7ad3eff09235f116d215fba44e12ae6dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:07:14 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3872
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15112
x-request-id: 570ddf867891ba73d0e637fd738b1571
last-modified: Tue, 12 Dec 2023 08:06:51 GMT
server: cloudflare
etag: "af577206f8c137ab31cf7e8bb3449020"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
cf-ray: 834478fa6f9b72e9-IAD
timing-allow-origin: *
x-amz-cf-id: EArBWin3MXvo6ahQAkWIhzY16ksrtlGCWWdKDqOHW6N0gzzNZbUo2w==

GET
H2 200 64f9a5bb888212-37359274.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 21 KB
22 KB 90ms
27ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/64f9a5bb888212-37359274.png

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

d1a2da045d78c4ed73d71581e1607e7ea958d598ff919dfb7fb72d53fb18b43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Sun, 10 Dec 2023 11:18:48 GMT
x-content-type-options: nosniff
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 165178
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 21668
last-modified: Thu, 07 Sep 2023 12:23:45 GMT
server: cloudflare
etag: "bf2c86c633d37454e6b075514d4799e2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
cf-ray: 82fb691cbe1839b8-IAD
timing-allow-origin: *
x-amz-cf-id: xRW0f19lNQw5r_fpa3Bz6uNTgVgza0IUwtV-RqzK89UTZBKcbfWvfg==

GET
H2 200 9f9286487ffd4838294e0797c5228b1d.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 17 KB
17 KB 109ms
47ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/9f9286487ffd4838294e0797c5228b1d.jpeg

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f24262a92091012067009368f31d2024399a63aba5b0ace5320f286520b0d270

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:08:10 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 79416
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17272
last-modified: Tue, 19 Sep 2023 17:42:56 GMT
server: Cloudinary
etag: "eeaccc2dd2fdc5715b80ecf34b939251"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: EhsgElTvQHI0dSokB0tF__dnqNZrXJEdF35eBooAHHOCoyRMKXWy7w==

GET
H2 200 getads.htm Show response
rt3062.infolinks.com/action/ 536 B
456 B 186ms
181ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3062.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22h_IL_INTOP%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22h%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22dream%22%2C%22scs%22%3A%226BEuOjaHSt%22%7D%5D&rid=7e9b647d-554c-4ea0-a5e1-e4deef2f7a96&jsv=1895.006-3.034&sr=1600X1200&rts=1702372306062&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=120.0.6099.71&dv=p&ce=t&purl=https%3A%2F%2Fuintacountyherald.com%2F&tzo=%2B0100&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=HB9tL8AFmemoeI4jrvkiUsAYLeNHG9D0LHiRYkfkpY98pes-cgiEGFQ8w-wz9KY1OeHcC2DElfGPLJ_jl5_iplWJpS2TmEVo8fAZjuAa9uda33NmgGynf1U215eQsZW8YD1RbMK6x8jwWXafhHWumJevupvfAa-ZzEU0W1WvF9g&rsk=0&rcs=gxq2MIK4aW_PgR6grdse5w&cuid=91ccf37a-d9e4-4cf4-9523-06e2ac389cba&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 583b1034e6df59146ec6c6e05ddc9b38d73571e315472d407da48ff2244ded9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8344d780f94291ed-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getads.htm Show response
rt3062.infolinks.com/action/ 551 B
530 B 176ms
174ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3062.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A2%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22video%22%2C%22scs%22%3A%22dJQMLCKT-n%22%7D%5D&rid=7e9b647d-554c-4ea0-a5e1-e4deef2f7a96&jsv=1895.006-3.034&sr=1600X1200&rts=1702372306067&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=120.0.6099.71&dv=p&ce=t&purl=https%3A%2F%2Fuintacountyherald.com%2F&tzo=%2B0100&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=HB9tL8AFmemoeI4jrvkiUsAYLeNHG9D0LHiRYkfkpY98pes-cgiEGFQ8w-wz9KY1OeHcC2DElfGPLJ_jl5_iplWJpS2TmEVo8fAZjuAa9uda33NmgGynf1U215eQsZW8YD1RbMK6x8jwWXafhHWumJevupvfAa-ZzEU0W1WvF9g&rsk=0&rcs=gxq2MIK4aW_PgR6grdse5w&cuid=91ccf37a-d9e4-4cf4-9523-06e2ac389cba&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da7b599273a74227a467362f10d63114e96a3bf464f218fc0639112d753ea263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8344d780f94b91ed-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 intag_incontent.js Show response
resources.infolinks.com/js/1895.006-3.034/ 200 KB
38 KB 44ms
39ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1895.006-3.034/intag_incontent.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21cfed7eb47b3b9d993cf5a71b4feb6e45c17a34e5355f197deb015ff7d877f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 17:45:05 GMT
server: cloudflare
age: 1826
etag: W/"31f6c-6099387e62a98"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8344d781297091ed-FRA
expires: Thu, 11 Jan 2024 08:41:20 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EA51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1&C=1

43 B
770 B

64ms
63ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUcntDjuc4fhdiC2TCZ_xG48WMgkeU9i9_Dn6H1toNsB81xMo7skAii612YKj6XlURyXCQ1pWXJjQ6betUlKw09txBzV59_Dz9FGpvB5_iTEfVcfG83k5lw_16_g2yLtU94Nzj7kND_xRCHKyW20py-TotBddyjzRcCQj65XMrw41XUEzs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSqJFNFCAJ7dfhATUysukIJKxIdej4hq7dbwmxfqE8iAaX60ypuWJuuWOr%2FL%2BJPUD0RfuJVw71wV0l2JWd7%2FsbLedEtrb3EgX%2Bv2OHT9zVs4HwnGZzqcwnyo3wkMErmNGANq2D8b0%2FDliQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8344d7826cc358ea-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlaDbO1bu0ykfNLdnochOhLY3VQvoacMTfKLQ5KKL4KAjWdNt%2FbH5OjCeneOLeetH28BKYtjBR4p5f%2BZPgYquiffy4hedVzfyvwuKaZ5mq7Xjlef0YcRr1QaopUM5SpTkSLrDrvQ5tfmJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8344d781df7c4516-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EA51
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXgj0qMjLb2wtUAty3efRgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1

43 B
735 B

77ms
76ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUcntDjuc4fhdiC2TCZ_xG48WMgkeU9i9_Dn6H1toNsB81xMo7skAii612YKj6XlURyXCQ1pWXJjQ6betUlKw09txBzV59_Dz9FGpvB5_iTEfVcfG83k5lw_16_g2yLtU94Nzj7kND_xRCHKyW20py-TotBddyjzRcCQj65XMrw41XUEzs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXkR%2FiKO8Q6L1VkgN5pgtOHDaddVmS2mXQxtquNSdmCBtfWtQVB9Hae1MlUBRTcN1j2%2Ffphm9INHIczczaeOCpIevau3s02%2BLZ5ZY3u4nU%2BfkGldX%2BB%2FIlIBTPM0szYvUtYgyaFVOr1oQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8344d782cd8458ea-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame EA51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIFLpVuG88RvFlu8ACR2ZAU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIFLpVuG88RvFlu8ACR2ZAU%26google_cver%3D1

43 B
895 B

41ms
37ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIFLpVuG88RvFlu8ACR2ZAU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUcntDjuc4fhdiC2TCZ_xG48WMgkeU9i9_Dn6H1toNsB81xMo7skAii612YKj6XlURyXCQ1pWXJjQ6betUlKw09txBzV59_Dz9FGpvB5_iTEfVcfG83k5lw_16_g2yLtU94Nzj7kND_xRCHKyW20py-TotBddyjzRcCQj65XMrw41XUEzs

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
an-x-request-uuid: a6eba53f-ae0b-486e-a3be-6ab920073f6b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.20; 217.114.218.20; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
an-x-request-uuid: d24b8ccc-9cb3-472b-a366-50f8d3f32bde
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIFLpVuG88RvFlu8ACR2ZAU%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.20; 217.114.218.20; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA51
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
an-x-request-uuid: f685ae8d-3ede-4f92-b22b-d1a2b31d03f0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D
x-proxy-origin: 217.114.218.20; 217.114.218.20; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 180A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e62ffe5291d4fd957b67bb146926504229d1f9a7137190a1783ce615b4f15fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A184 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9ffbfce8a9c05aa23dc51cf3fb62a1617618787d1cc6b31b87736333d05775e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4471 0
20 B 60ms
57ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7491989659928&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4471 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7491989659928&version=m202309260101&ct=76&x=1&cor=3847533235364936000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4471 108 KB
41 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5J1Tt7TApxSNHcTh3_la-gcM5DNNvgFU7byz4WaRSkd8kdC7-OOk1ePx3xxfvRQs27joTq9oZoUn0fWRaGb3UN-gXGDhsnhv2lh3fkdB77etuCBl2X4-fUJGndWcJQABbg5KG9VjJTgf51FGvZ33Xf2N_uAw5b3o8BLtrQ_7tZtTlIzY&dbm_d=AKAmf-Dyu2SF7PT5Vbpc42VcbRX1m65bdngYw3St-EdJVqLp6nmciNYJOT_5WtTqXxY7tq07od58IMO5mNiYwr0g1tboVX6GBicmQ-UKueOGifVKevC1sB2D9wE0o8PSQf4LUlEV24Fx24lRpN_rO6bwKCU_m-9dYpc7sLDBNl_bL-vMPTLq5WABNfTO8c45eAjtBrurbZBxwGbI7IhHwiRgGxtQc8lUZOkJk0PJsD1yuzF8okdbeBkPRbBHoY87vO8svcmSoREpUhtFOYUbbUE81u6as2ni1xUAjKwLn7C5iufSWWkkT2uK9D_3Wk1wt1WNmGz2bpzgHnliZKX-1s2n-rCBVcz2l6BOLqfuiWvxlIx5Bhnl2mPkh_OZRGvYTkZFzkpV6tS4hBY9RBAD40cWypVLeKgpZTxZ7CkqWYvlrEPA_n75V-dk6mnyt8iVsx7JVcMUfT_PS-AooPEzHI1VsBxdLCJXeHs33hqXyTwVfmBNEYkjl3hRx2vntCgem5QDFD5G5_pXfc8uaUZm32vIZk659pfPvJUql8SYbAWBogKPAmWDrm75RibtKvGOAIYatWx4g5Eot5fIKRV6mYHVfgtx9fKLlaVWropTJJI2B9jMS6vOLsC2k_Lz76ngkbiVG4OP-pit-BrSgBGdVSJgV66jxWKKMSEC_s9GdCp1UDjwOkLfdZIhxltDO1AHG-zMbU9eah2bLnGmWM2JpJOJ_8MWPAG0Nd1a80JRhno0CUpYb2jUQoA_bSHP4R37nuNrvS8OgqJVP9N2hFmzIxQdheSnQWDEJk6eOBnmL1v79xO7xWQ5W81DLd7iB5Y6ssLFD5gVayYSbUZN7c8OxuenqV-1d8b1VuTFglwN6KHvxYrIeaPjkF70AW8QMhVQSrw3KXj82cYFMuN23gsgjINNIPt8YW4ofbQUTysW9xU6t_dq0HBPzLc9F8eA3bG3Qsl19EbIB9GBhN6OL-aktWTHuR5zC6iPRKduAJkzfBkIne9VSDdPSdiNwQ-S7uwqgfLQ8DB0Cb1c7uNCR9WkjaXxbIKgO3tQEkvR5nzW0eO-i5mhUonlcH_H5iMwSBzqGcGXQ6DrrVNjieYGCrO01BSFzckQeovle7oymik5bZkJr0Ip5qz3sma6DHD22NqxscGBJwDMV259lyUBQ7QVaNoMtjq304gaI08alGf78-hnNdbx8s_TuMhkVobo0MvkP20DM1VoiYFq7nfb5P7b5Kp_Ik_oxd6o78NWyfRtxRVZjRM19oKn9UqKjTMAh9Ns_y3wuc1US6Yq32r26R5nXYEWj7UgqOcYNRd8te12O5eVhPyPhJJ2kP2m4Kb6lCLa4QrJr_N1t38kr_i7qMIjneHEyF2sxOJrjUdoudZTZ-Uuk3ZAPZqtsZPbn0JQy_zXbeV0qZHW2IeO7oI2d73PtxL_wHX8UbFkWk4Kno9S-aRdcBguEeqWY_CCo0FnB_qSoG9qGM6YiDc1hf0vec8Yofyq_5FyfbXsSfPMPJSLpchdU0XoM7E5d3nr3W9TKVmelpSLsCiW3mWTSjbqxNTtkG5Z95qScM-akyzZBKHkoUS-779XtLc4ezpDYXAS48qxKbbZn-aBaDdBR0eTgw4MShtdJ9kPh67lO1-aDu99XB4f4UJCSjGQ8t90_IP1crfCaPtyI306VuNcTfBlqgbt3ek1J7aOtphHrd_eEJvKTLfsCJYUW8FDeZ1Hm9QPDKRxZCy0kOlmPxiSZe18ec81g__OviQPtBlGWVwoVYXJ9BDr6xhSLMsw3rknIOhWB-c7IHOKC3SBucfKS9nj3BYtcIYeW4ttGLdPsJ1S_7QQwre5KP3axRAiYlxqLYEGng145Cx2Ydg2TNcUFT2vZ5Qm2ALLO0ZK2vUSa_BbdbTIm3qCjezgc7KxVNNPQyaZLfbCc8mK--1WCxsHSm39HINVIOqkGB1TX5m_QnsY8g-mchljNrLRdQcYXBqoACkELjfcmOlEJnFa9PSKuanlPCpIbqLemXQyI6hAgzVCESwpCWbS9Aup0mw9R_AcCb8vC2QwjJUG9GHlY3B-2Hqqeh2IA4i5RasvrVkoHlBXuKtkFdoXDj6neNYwXvhJWBiB9Pb7z502wyKSqi0pYUt6RQhGxli6khJgxEHFswA2-DY-0ZojKke5u0YYGLKbd0VhyJ_2Tl-L_YULgYKUoX8fpvJytCHkL16vYdwUw2uBOqKW3AkCq5CG71_5H1BtdZhoCQEKug7nD84eJ4oBfWS_DanvAC0xX0P4iGvPqf3l8Ov170vKLfn8UyNhksiOnp9De8OQVgR9p1qCfV6EVp_33vByWaGjFNGfqiAdam47m2t8ntSNr9PhZx01StN91Lc31wPLgt3neecU1cfgeAs2Pmv2O8e-r_FPQqDjwr4Bj_hn0wo7f-BbkHMw6UGcPqILVYR0ON3XM23_sSnkdTYMIEB4FzWh3XRUxvwtVLda7bIrxVBSVbmCq0O28Vi6kuyf6pyEIP3ddkgjyMewksxawKXXOUjKmFCO3NDZSPZ3US8MzHOyQDHMi1W36ObVTeDAzuRMSS40r-Jgm8GmgBwyLyUmK-d6k7eBygq2VOj1SFizZ2a2AORAM5AqEtyX9gogM1e0m0zqmKFac3h-m8TXbxp4ZVEKVNyyFGcayPPIMqBToNEPryCKkATaQf6WVXSlCEo_F8rf6ycHflkz3cletsXZ08aFWSW3EUK8W-Jy6oJYcrbGH3udIDVEqLyFI6u-2LG-fro2nbgLxBFyeBovNdVehy4QS2YWKSs1Dp33A6_ApzlNp12xiN0GsuvpcPzF1WRJFfHzXMjHrPrc0vdRPfiU0ISFM19PkU69ihPUCmVhz4q8WvjWlr2GzoLVkJqiJ69kItSNpwKbIwL9gQkY6dfjWKddRI8fsB2rPXDiP7nQLAvXWX7eLgWIK7HSwoNWtQ8HkTM3-wf29jYC_WUQtcKV46p-WUXXVNn2ztjIFKGcWlwlbi_SiPlp0tLb0wMGMFjDveTTzMTaZoqtW9cr4mcKF53_8elVQOGWuZlR8wMYfrGugekmUUWNUmroZei_P_GwOxIPLNT5ZO6Qi0tbTem4SLcXBe9Kbx8na-ib5a5XYdvbW6kd_Ss2na1bxY03CCsKiLQbPbsqAOkkO2c3V1haHW3X3imWOPZMyE-OVM7xoarhhQ6xHmn_xz_kBOQ90nYh_lWSTjCxJ9xxyf4y2n3nmAttemsvLGg7SjBxav1tzP88cwWZSlnYoYtDFYw6CudbbOaEODG81HdsCBjQ3-U9K8tKkXI39c8ms25qPplm13BzNdbqeOYyyHPB3U3STGTs8I6cfSHrupW5177MHEo4tjImqcKQEQeD6zKxF5aFjShRGLZ8hBTtBR0BhP-_Wdv_DY0VZt5coquJWRUbAjgMO8bH-0xqWa2KHiKu-DOi14d5RlCte0WZjd1NCganGkdC6J8r1tVoEtH9SBQInf4n_YAL_U0RpxZTCsmor2nhAeRW4AfFVs0bo1jQCjTMJObJdq3eq8PzV5XXpRtIXlAtrjDpT6bJ-R2xFw6eu8W7XRMN56--c4PpCex4BJioK7gK9KnanDBOj_FDo3CttzvRe6LA_mAufob14I1BosjY4WzXbWShoMtq-IzVfnLWsJbPnLrd-oKEJPv2ruxwSjTX-7QP_loWTHvV9Hz1_YZo4egXO94QxnxRhZT5jM0_0MXl1Y5QE4kahFU5HJaz94vBsqHJwwVB1u83suIRShPtO4nuOJxjd4gIWVJnjK-uebP0SDe4DP5kAMsrAvoIp_rzip-Otu1GFWfYoy_N3k3xeRspgIt9bu31xJJ1za_jGHkBzuBsws9IeSavxNg98_jnJumt4e98dRUnh7QPu5xe4gdp_DxEBqPd02CRaYpTMXUAYwUpfnmvnWX4ng_sxyor3dKSdEjgCJF2ZuG4AhWxnESUqabWSbp3nU7C01TPYLVhGw4ESBAyah2Q0wLSjJHLhfew6J_ZYJK44Z1x6BIsKEX4ZALk7fgMFm5VHrplaM1u1gO6p3raiz4ARTXHxAJMZq750yShQ3FxDg&cid=CAQSTgDICaaNjclku_S2ItL8X500NNljTNDenaEfD_gYExrO-FazBQNSeCIcrN6YaHVwdv801mTExwvYEB1jE-Jct-uHZwQHrmmqFV3zU1t0fBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fuintacountyherald.com%2F&ds=l&xdt=1&iif=1&cor=3847533235364936000&adk=1964084971&idt=154&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e3b078c8f7318477d6d4503856a0fb5daa1e6af3df55a394924a5d15b882ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget-rtdx.php Show response
japfg-trending-content.appspot.com/ 5 KB
2 KB 533ms
471ms Script
text/html 2a00:1450:4001:80b::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.appspot.com/widget-rtdx.php?s=10236
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5990b713fd1f8f91c3bcc47c544217e4cbe8d460b0f4a007ffe8e22bc88963ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/ 142 KB
31 KB 83ms
31ms Script
text/javascript 2606:4700:4400::ac40:90a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6JN5TJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aed7464375c3cabfd9777c4bb2528694491da75f6b357b14ebd391536b2a457b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 08:01:25 GMT
server: cloudflare
x-amz-request-id: 2SNX1FEYS2RZ9NWC
age: 367
etag: W/"c1ead5565b1051d2d873098f91024616"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 8344d78219999295-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PY8AogJZNZY4pszK1eGST6WT5lWqk7F8tDnd3ybKIkkWzaJ4AuCVFGEB3hOuDgDmh7LOwmAMlOM=

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CB36 2 KB
1 KB 146ms
72ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXgj0QAGIqsIVSUuAA490l6T_QxEZG4Qq2dlVA&u=%7CVlUSK7hdHRsAhU7cLc9yODiqQ%2BqrPpsEsObvqMyOpjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZU_xMDa_8YKdjyFkxqQfHiccAXkR_4dOyUQxe_m3cY5wsBBxyrXgB8Y7MwCFzBtkctb0Bi0EUm_l-VWq-iun5oPTHeFbNdOOmdRLnDnC3YQkAvWDR01AJTF-xy_i_4YYNuMbfF3dZ6ggxqXISyNBO8WpVAt0wQLjxGXbNfGQJCsHasGXkh53AiiG99Imz2aWMiv6Kb_stfrIewvKGjRSWYoyZW_4KfODza7mDafEkenUafbBehgvPplmZ50GEYBpLJjAh4ZSZqe2tC9hrg8M2M83EXbrY4SHsUsfQ-qyX_3Yv_UFLWngQUOrnFuRfZ2vQRSOI88YTkyMG6NbMAX_767KnH-OQzAnDTNh87Ua2TBR-XW27pCm7kSa4Y_DV4AihNET_fiexdpMsDl_UJgv88qyb1AwzG4nT0QKKsxkAhoqlOA_MzrmufLjQPdG7r6ld10XrBR8XhlrKAddWUAeRfnDXpBDmfuDZEMQZqG2F10fUCkIutVH0loVk33cF719NhTTdrSajmW_iSQloCg38H9p8pFLpIS4Ts&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcza10SN4ZavFGK7K1PIP0vu4oArJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTI0MjE4MzY5MzM1MDIyNDLIAQmpAlzkY4S1ELI-4AIAqAMByAMCqgSjAk_Qpxnxm0Uy-ne1fofyKOABwDkzVBwATO2LOvhFZ66_INOe9u1Z2frpGXy5nmnhLWZYlrie9mwZ_IOyrf9jfsD5YkqkyQV9XZAHU-mfl7eJ476xqkw_3GeZ2ZHhOK77lO5iDgO0PwTmAZ_43FudtUdwWvV9Wrp_OOvd0HDRwpQn8vCuPmQtrZpdTHWi14i_BY4dWI8_4FIcfNTLbHm8ZAR_SRoWjOqNw-34bscCoUS01xtFcipqtNHTY2Q8C4bGbK-EHVW55bPau149_iNY3EzUwGzxf4k8V0BkK1VarjWhqKLS9EKkD0kAd7g4dYCqdeA-LQkEJ8Ex3jXQajE77JWk_uICqWTfAyxPESOoHZu9ZJhh7xmQSOp3VmXkDRWOQbl4HeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSRpoTHiYMD-gsCCAGADAHiDRMIuc6mhMeJgwMVLiVVCB3SPQ6k0BUBgBcB%26num%3D1%26sig%3DAOD64_284hdZPb9wiIgiIyt5jjQ83SwjzA%26client%3Dca-pub-2421836933502242%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CB36 2 KB
1 KB 115ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CB36 308 B
636 B 112ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CB36 293 B
621 B 109ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame CB36 43 B
348 B 94ms
29ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=D_rrsZ3gPfgEnCaj6vwb1cS3pMo2py1w8D3Z7aJqyHZuX1iunA4g3cgyQCo4R67d--TZ-qB7Ob-fv55KumGfyBx0E0AEOgylO2hR7q3pwVgJFCnZ07YRm4BEvPCzHIvrfbJDgq7uNT2AoJTp3Pa82jAIhf3DVxsKkirwJ5bGLXpMXhaTmm4-t6kz04Q82ToCLu5grlzAvUKh5iIclTso1A9teYCsaNfZ9hrdNQ7BC8HhiuB6AADVuEx-Cs-OgGkVFJhQ2zqkbcZtv46xlsDopFoeMK6R9m1RgAaCNm5QPNNpGTUGecYoB8HmZvbIeiQZlBi4vvmqUo1BJSUml3E_GXsFx0iDxnpJ1gyzFzI6ksd41CHwKYxQNrLCW3QnnXfpvoru8enZ6ZrDwzMD0W7vGyEHJGos8YH9fz7KSfcJdjc3BS1x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1722572
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A184 0
0 63ms
63ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdyK10SN4ZarFGK7K1PIP0vu4oArJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTI0MjE4MzY5MzM1MDIyNDLIAQmpAlzkY4S1ELI-4AIAqAMByAMCqgScAk_QTW8YgIQXhL4EwVYtpzGQI5qdujvBxvrpRQKKIVKP34DkLl4o91JECCp_fjuJfCkib-oh8pS-ZE4Ik_5XsJGnv3mfgttsy2YgOcLlobJeT_G0LL_ySUaO-ROLWEITI8uUtdPaMlIjfreTHY7lLeZJuNcx4q56OGmKBS0_6sdgrdrZpFATCaKTlY-cTxO-4UOr-YT5lqwD-Vxga3-xZQ3oSHKC65TioHqGRtO_6euP-ypEDuh0-hHtp1dGhUQd1abjq1S3rkFX0eh0kDUukjRZVbytOFYxp5BuAGnuB6N2WD0yYPILg4Dh5DtVGHq1snyAe6-Ch9vGvmn8lWBbJmzuqbv64CpuVjq3FuV-pX9McLljOw7c_1s3eNBF4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlJGmhMeJgwOACgH6CwIIAYAMAeINEwi4zqaEx4mDAxUuJVUIHdI9DqTQFQGAFwGyFxwKGhIUcHViLTI0MjE4MzY5MzM1MDIyNDIYy70q&sigh=8tKyAXVteVM&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNjclku_S2ItL8X500NNljTNDenaEfD_gYExrO-FazBQNSeCIcrN6YaHVwdv801mTExwvYEB1jE-Jct-uHZwQHrmmqFV3zU1t0fBgB&cbvp=2&vis=1
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame A184 0
126 B 115ms
37ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k47EGI-lBKwC2ASdg2ICAgAAAKe8skCAydJCcNRne6oU-b4Q0CN4ZS_BIW-DPQXH0AAAABIAAAoKQVFVQkFRRUJBUQ&wp=ZXgj0QAGIqoIVSUuAA490lbfphOX9AYoyKrXqQ&cbvp=2

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 159830
server: Kestrel
content-length: 0

GET
H2 200 dcl.htm Show response
rt3062.infolinks.com/action/ 0
37 B 141ms
141ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3062.infolinks.com/action/dcl.htm?rid=7e9b647d-554c-4ea0-a5e1-e4deef2f7a96&jsv=1895.006-3.034&capara=%7B%22failedAlgos%22%3A%22aapalgo%22%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8344d781da0991ed-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getads.htm Show response
rt3062.infolinks.com/action/ 0
57 B 144ms
144ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3062.infolinks.com/action/getads.htm?hks=%5B%5D&rid=7e9b647d-554c-4ea0-a5e1-e4deef2f7a96&jsv=1895.006-3.034&sr=1600X1200&rts=1702372306208&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=120.0.6099.71&dv=p&ce=t&purl=https%3A%2F%2Fuintacountyherald.com%2F&tzo=%2B0100&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=HB9tL8AFmemoeI4jrvkiUsAYLeNHG9D0LHiRYkfkpY98pes-cgiEGFQ8w-wz9KY1OeHcC2DElfGPLJ_jl5_iplWJpS2TmEVo8fAZjuAa9uda33NmgGynf1U215eQsZW8YD1RbMK6x8jwWXafhHWumJevupvfAa-ZzEU0W1WvF9g&rsk=0&rcs=gxq2MIK4aW_PgR6grdse5w&cuid=91ccf37a-d9e4-4cf4-9523-06e2ac389cba&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8344d781da0a91ed-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dcl.htm Show response
rt3062.infolinks.com/action/ 0
37 B 140ms
140ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3062.infolinks.com/action/dcl.htm?rid=7e9b647d-554c-4ea0-a5e1-e4deef2f7a96&jsv=1895.006-3.034&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A0%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8344d781da0b91ed-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CB36 12 KB
6 KB 131ms
84ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CB36 9 KB
9 KB 168ms
81ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=132&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Fde7bb98efd3a445e80511badf471eccc_eu_oveckarna_vertikalni_hneda.png&v=3&w=596&rid=4&s=tjTSKSsIG8TQAGicRvuOPnYH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

69bd2df73c3c16a1a57407663d6598ffe1a349461a214c5e2aa816cb0fbcff44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9479
expires: Sun, 03 Nov 2024 04:28:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CB36 22 KB
22 KB 154ms
67ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=400&rid=4&s=Y7TV4IKYmPwHaoQnJZw2a1ST&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 22540
expires: Thu, 04 Jan 2024 04:28:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CB36 3 KB
4 KB 194ms
107ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F14484_102.jpg%3F1661517606_2&v=3&w=400&rid=4&s=KRhrsFBZCKYtK6BJGxisaza_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e61982666f8e828ba57941c43933eb441d35a92113c597d977c236e846b4463b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 3432
expires: Wed, 03 Jan 2024 12:22:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CB36 0
128 B 124ms
38ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=4gM4HqGB0Kc3uoZKJZuGIF4SZMT5YCFaUkEhB9QW_b9xzFpABBtrCi-2qZaIg-bFPGzKWQ-IDX1Yox4M0mc2lE25RCEZF1ao2bj7AkOqI53npHPvxUGLmzyqF3rDLrFE5TSEtqSVHXvwj4mYxzGlqtwQlHBVjKovTES0lx0MGwJzPYLRTzscrQNINbYshAJ3WhbEnLbmmNeUM5x-jyivQQrB4IfXp2g446_cNMLPjR8sQ73aNgqP_oL4GjKAF3n4OCA8Og&sds=2&rev=89682&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CB36 2 KB
1 KB 122ms
87ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CB36 2 KB
1 KB 59ms
57ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame AE00 2 KB
1 KB 69ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXgj0QAGIqoIVSUuAA490lbfphOX9AYoyKrXqQ&u=%7CVlUSK7hdHRtAqC22zvHIPq2wDegYpuySWesHgZP5%2Fh8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1FM360W5fDRRk0p77j3wRumtxgql90VCft6Tx_dGkbmjJDqiSU-5iaaO351e886TbZHQWMVZQXFDjNmFB6uXfCex8e_DGfMGy1axkGyrR0NISbACjWnTEaP4OxhWwhHmdkUDQ8ArvCtVCzGZHsXNNF_It6Y0k-IMrUiCuPVkwiFqpT0neSkdG9uGwk164a0pApjS2FGLn_yM7p9gDSbNkS6UiPD_bmBKI-O7AUwT2y86ndSwzR32_ZTt5IcAXYqVzDh2oV3CHu1GrZ8_EjftISXFhqAArlOXrjEJn343ur8y1cldUNlhbvGTexQ1e9KrHpGEE-XmyTUbXPJY3pyYc4oykAWrbsJmUgy9ZtxGmislXC9udXTG3duQ2hlgVPOFcyGXuL3HT938k9Cw6uWpnczLIkFqxZkHQhrg222ngrmyQ3WwWEZj1-Y2euLMVTjeBra76IjqK63_aKt1tStQyz7usKgqAeNbOyCbdpHv5R7Is2n9Kic6Zqrl3aMq_90oljr5Nnpj33qIR_WuKswraMxZStPhaS0-lFNb6c2zgv7H-sTdqmGsREw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJ2h0SN4ZarFGK7K1PIP0vu4oArJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTI0MjE4MzY5MzM1MDIyNDLIAQmpAlzkY4S1ELI-4AIAqAMByAMCqgSfAk_QTW8YgIQXhL4EwVYtpzGQI5qdujvBxvrpRQKKIVKP34DkLl4o91JECCp_fjuJfCkib-oh8pS-ZE4Ik_5XsJGnv3mfgttsy2YgOcLlobJeT_G0LL_ySUaO-ROLWEITI8uUtdPaMlIjfreTHY7lLeZJuNcx4q56OGmKBS0_6sdgrdrZpFATCaKTlY-cTxO-4UOr-YT5lqwD-Vxga3-xZQ3oSHKC65TioHqGRtO_6euP-ypEDuh0-hHtp1dGhUQd1abjq1S3rkFX0eh0kDUukjRZVbytOFYxp5BuAGnuB6N2WD0yYPILg4Dh5DtVGHq1snyAe6-Ch5nEn_t8BrBmgLzJczfaCY5gcTABHMtmJ8uETR-RhBDw58P97PCsPjb24AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlJGmhMeJgwP6CwIIAYAMAeINEwi4zqaEx4mDAxUuJVUIHdI9DqTQFQGAFwE%26num%3D1%26sig%3DAOD64_1peTgFRCT6v59ezUeKpL6DNFmB5Q%26client%3Dca-pub-2421836933502242%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame AE00 2 KB
1 KB 66ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame AE00 308 B
637 B 65ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame AE00 293 B
621 B 67ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame AE00 43 B
347 B 54ms
31ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cOLIJjxU0b6L-aiYPKSx240RYS_0q07yDj8nnELskeb6usC5p9SaGarRN_e8kJ-ZLB9mcItSfVQD-y7CULcDtBQ6poCydtUNluZIA3hPrkucz3s6NEy4Pqzw7SccLWuKCT8iBlN7JD4tQRhjjv8-2HPvrBt0KknYT9_QOSD_S57aSeqiah2PGsLahBwKZ7eQJWA1PxVBE8pOt1r9jGyEizsuFpdHIZkid_mpm1z2PnV3BrFtg17Fp6lNKQdZu-nZNbCv0FyhRjKi4s1VvRe0JCcrl216VLgThG8rfaroTo0qtn81u5iJRTEjfhWXimO5FVji_g1aM5gV3Arx2jpB2WNGwa-80Fi9YRklvoN8I5wJMOvZ1F550iLyQ33ASJL6Fm5x0qA6oNioK2hgnpYagKmR1YRrnmuJhlkiFLHCKhFIJqT_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1602464
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adview.htm Show response
rt3062.infolinks.com/action/ 0
149 B 142ms
142ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3062.infolinks.com/action/adview.htm?rid=7e9b647d-554c-4ea0-a5e1-e4deef2f7a96&bdc=2&midx=0&emd=NTd-bnVsbF9udWxs&rts=1702372306245&prod_t=d&jsv=1895.006-3.034&skin=sidebar&theme=nologo&sdata=video&scs=dJQMLCKT-n&rsd=HB9tL8AFmemoeI4jrvkiUsAYLeNHG9D0LHiRYkfkpY98pes-cgiEGFQ8w-wz9KY1OeHcC2DElfGPLJ_jl5_iplWJpS2TmEVo8fAZjuAa9uda33NmgGynf1U215eQsZW8YD1RbMK6x8jwWXafhHWumJevupvfAa-ZzEU0W1WvF9g&rsk=0&rcs=gxq2MIK4aW_PgR6grdse5w
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 8344d7821b0b2ba3-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bloomingdales_728x90.jpg
resources.infolinks.com/static/brands/ 10 KB
10 KB 36ms
34ms Image
image/webp 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/brands/bloomingdales_728x90.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a688d9d2a0809d848b6879524e5048bb07a91c0c3199666713b2c10e281332bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2384
cf-polished: qual=85, origFmt=jpeg, origSize=20330
content-disposition: inline; filename="bloomingdales_728x90.webp"
content-length: 10300
cf-bgj: imgq:85,h2pri
last-modified: Mon, 20 Mar 2023 11:30:07 GMT
server: cloudflare
etag: "4f6a-5f7533fc23200"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8344d7821a4291ed-FRA
expires: Thu, 11 Jan 2024 08:32:02 GMT

GET
H2 200 adview.htm Show response
rt3062.infolinks.com/action/ 0
42 B 140ms
140ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3062.infolinks.com/action/adview.htm?rid=7e9b647d-554c-4ea0-a5e1-e4deef2f7a96&bdc=1&midx=0&emd=NTd-bnVsbF9udWxs&rts=1702372306258&prod_t=h&jsv=1895.006-3.034&sdata=dream&scs=6BEuOjaHSt&rsd=HB9tL8AFmemoeI4jrvkiUsAYLeNHG9D0LHiRYkfkpY98pes-cgiEGFQ8w-wz9KY1OeHcC2DElfGPLJ_jl5_iplWJpS2TmEVo8fAZjuAa9uda33NmgGynf1U215eQsZW8YD1RbMK6x8jwWXafhHWumJevupvfAa-ZzEU0W1WvF9g&rsk=0&rcs=gxq2MIK4aW_PgR6grdse5w
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 8344d7822b2b2ba3-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 underarmour_2_728x90.gif
resources.infolinks.com/static/brands/ 22 KB
22 KB 38ms
37ms Image
image/webp 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/brands/underarmour_2_728x90.gif
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95f140839c18088ff96195a640b3840f7106958d5975b492637127859557824

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
via: 1.1 google
cf-cache-status: HIT
age: 6098
cf-polished: origFmt=gif, origSize=31282
content-disposition: inline; filename="underarmour_2_728x90.webp"
content-length: 22680
cf-bgj: imgq:85,h2pri
last-modified: Mon, 20 Mar 2023 11:30:07 GMT
server: cloudflare
etag: "7a32-5f7533fc21a90"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8344d7822a5091ed-FRA
expires: Thu, 11 Jan 2024 07:30:08 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame AE00 12 KB
6 KB 85ms
78ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 24 KB
24 KB 162ms
123ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=268&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=596&rid=4&s=2GjkwujxunPm6mj-0umNW1W1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

92ad632cbc67af32998d9b07a4af5420b47efee300c76f67861816ba98a5070e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 24131
expires: Sun, 03 Nov 2024 06:07:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 9 KB
9 KB 128ms
89ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F4123_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=EMf7Q7icODySE6pGeqSq5Vg9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe541d5a8862d0ee4f0ae66b9b3c5640d3131f0e2551608fd78a9b92f4cf48c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 9014
expires: Wed, 03 Jan 2024 21:55:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 9 KB
9 KB 192ms
153ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F22849_102.jpg%3F1699534366_2&v=3&w=800&rid=4&s=nSHmuEHsFer6KUoFIwUj1YGp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eb74bc6b392209ac043bfd102e03cf213ab9fad17ea2b85eb12fe7286e9546c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 9386
expires: Mon, 08 Jan 2024 20:32:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 4 KB
4 KB 147ms
108ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F7191_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=44yIoh2lJhkp-q6vJb2ZtE0V&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4fe986bb5e7933e555c614aa80c43bbd465c0e73919f40c10bf9343a3e90b91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 4184
expires: Fri, 05 Jan 2024 08:38:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 22 KB
22 KB 148ms
109ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=800&rid=4&s=roh5iC6wcuNgIZlqL0AhDz-j&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 22540
expires: Thu, 04 Jan 2024 04:28:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 13 KB
13 KB 169ms
130ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F9995_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=D22Qwgoe0d23ZpIFZZlO1ZOA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e422414f4aa493e470ee85b8142cd51142f661603337694399421cf87db670f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 13368
expires: Fri, 05 Jan 2024 04:53:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 13 KB
13 KB 117ms
116ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7319_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=m4AqIPT6vKtBi04DUEvAa_5I&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

76ee0961e6fc5fe6be30f86e379b24c011ada622f43d9bf323548cc656d6cb28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12824
expires: Wed, 03 Jan 2024 22:56:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 5 KB
5 KB 122ms
121ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F7966_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=bcZm-K1wNfU0gWmBhz2Tvb9y&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14392c9baa0d1e691f861f1bfa0cda3caf6d3080edfabda0a2c276dfa13f2afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 5320
expires: Thu, 04 Jan 2024 12:41:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 4 KB
4 KB 138ms
137ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F11129_102.jpg%3F1636111187_2&v=3&w=800&rid=4&s=aXMKJPSZvpYJHB8wxWoi76_3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

98a2fbbfdf666c4b875ed5d04436b77dc3890b85788f085967b51bb0305bbee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 3748
expires: Wed, 03 Jan 2024 22:15:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 16 KB
16 KB 126ms
125ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=owQ2WY3CxCFUf4ETDUw4IY-t&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 16076
expires: Wed, 03 Jan 2024 21:55:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 3 KB
4 KB 140ms
139ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F14484_102.jpg%3F1661517606_2&v=3&w=800&rid=4&s=enNU2VPPv6Hq8xMwWNNi-LhB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e61982666f8e828ba57941c43933eb441d35a92113c597d977c236e846b4463b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 3432
expires: Wed, 03 Jan 2024 12:22:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 8 KB
9 KB 126ms
125ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=8FTw8xYojgkpP_qJ47L5XP6V&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 8586
expires: Wed, 03 Jan 2024 12:47:19 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 18 KB
18 KB 139ms
138ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F19643_102.jpg%3F1685609510_2&v=3&w=800&rid=4&s=J87V2DYImw987k71sGcxMrTc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe7c3ea250ba6973d0af67cd79aadeaa2fca0f78776d5616d03b0679d2704a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 18338
expires: Wed, 03 Jan 2024 13:48:58 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AE00 0
127 B 75ms
39ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=LMoQoKGB0Kc3uoZKEcdisezS97QrSfYBrLa7GZUhvguR3rLDtIDsQ9usUfwCnR6cml0JppddRDJSn4DF0O9NBJLz33RDrBaA0vDba_kjqEb7yszwoSnJWl96tCUM8r9KCrRYtKtqOfcyFI06W1K92VUkiJLCikhz8vHH4Pi4NPtvzWwuMEmOTTB_nBWknZg_aQfMyzd_9OYz7FXNjp7zwnCtkNpFCJ_e5_EVSvo_6kfgxD863MNeKy_Vgk4&sds=2&rev=89682&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AE00 2 KB
1 KB 70ms
68ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame AE00 2 KB
1 KB 58ms
55ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 09:11:46 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame 4471 256 KB
77 KB 152ms
47ms Script
application/javascript 99.81.22.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-2421836933502242&ias_chanId=1&ias_placementId=20343401207&bidurl=https://uintacountyherald.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jTD5Qlgr-e0bPWe7n9zjNE
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.22.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-22-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0ffa8ac36afcb4a48e7bea32b73f4095a9c8d28abe49ecfa0d0672b2cd17ef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4471 111 KB
39 KB 82ms
20ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Origin: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 4471 11 KB
4 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5J1Tt7TApxSNHcTh3_la-gcM5DNNvgFU7byz4WaRSkd8kdC7-OOk1ePx3xxfvRQs27joTq9oZoUn0fWRaGb3UN-gXGDhsnhv2lh3fkdB77etuCBl2X4-fUJGndWcJQABbg5KG9VjJTgf51FGvZ33Xf2N_uAw5b3o8BLtrQ_7tZtTlIzY&dbm_d=AKAmf-Dyu2SF7PT5Vbpc42VcbRX1m65bdngYw3St-EdJVqLp6nmciNYJOT_5WtTqXxY7tq07od58IMO5mNiYwr0g1tboVX6GBicmQ-UKueOGifVKevC1sB2D9wE0o8PSQf4LUlEV24Fx24lRpN_rO6bwKCU_m-9dYpc7sLDBNl_bL-vMPTLq5WABNfTO8c45eAjtBrurbZBxwGbI7IhHwiRgGxtQc8lUZOkJk0PJsD1yuzF8okdbeBkPRbBHoY87vO8svcmSoREpUhtFOYUbbUE81u6as2ni1xUAjKwLn7C5iufSWWkkT2uK9D_3Wk1wt1WNmGz2bpzgHnliZKX-1s2n-rCBVcz2l6BOLqfuiWvxlIx5Bhnl2mPkh_OZRGvYTkZFzkpV6tS4hBY9RBAD40cWypVLeKgpZTxZ7CkqWYvlrEPA_n75V-dk6mnyt8iVsx7JVcMUfT_PS-AooPEzHI1VsBxdLCJXeHs33hqXyTwVfmBNEYkjl3hRx2vntCgem5QDFD5G5_pXfc8uaUZm32vIZk659pfPvJUql8SYbAWBogKPAmWDrm75RibtKvGOAIYatWx4g5Eot5fIKRV6mYHVfgtx9fKLlaVWropTJJI2B9jMS6vOLsC2k_Lz76ngkbiVG4OP-pit-BrSgBGdVSJgV66jxWKKMSEC_s9GdCp1UDjwOkLfdZIhxltDO1AHG-zMbU9eah2bLnGmWM2JpJOJ_8MWPAG0Nd1a80JRhno0CUpYb2jUQoA_bSHP4R37nuNrvS8OgqJVP9N2hFmzIxQdheSnQWDEJk6eOBnmL1v79xO7xWQ5W81DLd7iB5Y6ssLFD5gVayYSbUZN7c8OxuenqV-1d8b1VuTFglwN6KHvxYrIeaPjkF70AW8QMhVQSrw3KXj82cYFMuN23gsgjINNIPt8YW4ofbQUTysW9xU6t_dq0HBPzLc9F8eA3bG3Qsl19EbIB9GBhN6OL-aktWTHuR5zC6iPRKduAJkzfBkIne9VSDdPSdiNwQ-S7uwqgfLQ8DB0Cb1c7uNCR9WkjaXxbIKgO3tQEkvR5nzW0eO-i5mhUonlcH_H5iMwSBzqGcGXQ6DrrVNjieYGCrO01BSFzckQeovle7oymik5bZkJr0Ip5qz3sma6DHD22NqxscGBJwDMV259lyUBQ7QVaNoMtjq304gaI08alGf78-hnNdbx8s_TuMhkVobo0MvkP20DM1VoiYFq7nfb5P7b5Kp_Ik_oxd6o78NWyfRtxRVZjRM19oKn9UqKjTMAh9Ns_y3wuc1US6Yq32r26R5nXYEWj7UgqOcYNRd8te12O5eVhPyPhJJ2kP2m4Kb6lCLa4QrJr_N1t38kr_i7qMIjneHEyF2sxOJrjUdoudZTZ-Uuk3ZAPZqtsZPbn0JQy_zXbeV0qZHW2IeO7oI2d73PtxL_wHX8UbFkWk4Kno9S-aRdcBguEeqWY_CCo0FnB_qSoG9qGM6YiDc1hf0vec8Yofyq_5FyfbXsSfPMPJSLpchdU0XoM7E5d3nr3W9TKVmelpSLsCiW3mWTSjbqxNTtkG5Z95qScM-akyzZBKHkoUS-779XtLc4ezpDYXAS48qxKbbZn-aBaDdBR0eTgw4MShtdJ9kPh67lO1-aDu99XB4f4UJCSjGQ8t90_IP1crfCaPtyI306VuNcTfBlqgbt3ek1J7aOtphHrd_eEJvKTLfsCJYUW8FDeZ1Hm9QPDKRxZCy0kOlmPxiSZe18ec81g__OviQPtBlGWVwoVYXJ9BDr6xhSLMsw3rknIOhWB-c7IHOKC3SBucfKS9nj3BYtcIYeW4ttGLdPsJ1S_7QQwre5KP3axRAiYlxqLYEGng145Cx2Ydg2TNcUFT2vZ5Qm2ALLO0ZK2vUSa_BbdbTIm3qCjezgc7KxVNNPQyaZLfbCc8mK--1WCxsHSm39HINVIOqkGB1TX5m_QnsY8g-mchljNrLRdQcYXBqoACkELjfcmOlEJnFa9PSKuanlPCpIbqLemXQyI6hAgzVCESwpCWbS9Aup0mw9R_AcCb8vC2QwjJUG9GHlY3B-2Hqqeh2IA4i5RasvrVkoHlBXuKtkFdoXDj6neNYwXvhJWBiB9Pb7z502wyKSqi0pYUt6RQhGxli6khJgxEHFswA2-DY-0ZojKke5u0YYGLKbd0VhyJ_2Tl-L_YULgYKUoX8fpvJytCHkL16vYdwUw2uBOqKW3AkCq5CG71_5H1BtdZhoCQEKug7nD84eJ4oBfWS_DanvAC0xX0P4iGvPqf3l8Ov170vKLfn8UyNhksiOnp9De8OQVgR9p1qCfV6EVp_33vByWaGjFNGfqiAdam47m2t8ntSNr9PhZx01StN91Lc31wPLgt3neecU1cfgeAs2Pmv2O8e-r_FPQqDjwr4Bj_hn0wo7f-BbkHMw6UGcPqILVYR0ON3XM23_sSnkdTYMIEB4FzWh3XRUxvwtVLda7bIrxVBSVbmCq0O28Vi6kuyf6pyEIP3ddkgjyMewksxawKXXOUjKmFCO3NDZSPZ3US8MzHOyQDHMi1W36ObVTeDAzuRMSS40r-Jgm8GmgBwyLyUmK-d6k7eBygq2VOj1SFizZ2a2AORAM5AqEtyX9gogM1e0m0zqmKFac3h-m8TXbxp4ZVEKVNyyFGcayPPIMqBToNEPryCKkATaQf6WVXSlCEo_F8rf6ycHflkz3cletsXZ08aFWSW3EUK8W-Jy6oJYcrbGH3udIDVEqLyFI6u-2LG-fro2nbgLxBFyeBovNdVehy4QS2YWKSs1Dp33A6_ApzlNp12xiN0GsuvpcPzF1WRJFfHzXMjHrPrc0vdRPfiU0ISFM19PkU69ihPUCmVhz4q8WvjWlr2GzoLVkJqiJ69kItSNpwKbIwL9gQkY6dfjWKddRI8fsB2rPXDiP7nQLAvXWX7eLgWIK7HSwoNWtQ8HkTM3-wf29jYC_WUQtcKV46p-WUXXVNn2ztjIFKGcWlwlbi_SiPlp0tLb0wMGMFjDveTTzMTaZoqtW9cr4mcKF53_8elVQOGWuZlR8wMYfrGugekmUUWNUmroZei_P_GwOxIPLNT5ZO6Qi0tbTem4SLcXBe9Kbx8na-ib5a5XYdvbW6kd_Ss2na1bxY03CCsKiLQbPbsqAOkkO2c3V1haHW3X3imWOPZMyE-OVM7xoarhhQ6xHmn_xz_kBOQ90nYh_lWSTjCxJ9xxyf4y2n3nmAttemsvLGg7SjBxav1tzP88cwWZSlnYoYtDFYw6CudbbOaEODG81HdsCBjQ3-U9K8tKkXI39c8ms25qPplm13BzNdbqeOYyyHPB3U3STGTs8I6cfSHrupW5177MHEo4tjImqcKQEQeD6zKxF5aFjShRGLZ8hBTtBR0BhP-_Wdv_DY0VZt5coquJWRUbAjgMO8bH-0xqWa2KHiKu-DOi14d5RlCte0WZjd1NCganGkdC6J8r1tVoEtH9SBQInf4n_YAL_U0RpxZTCsmor2nhAeRW4AfFVs0bo1jQCjTMJObJdq3eq8PzV5XXpRtIXlAtrjDpT6bJ-R2xFw6eu8W7XRMN56--c4PpCex4BJioK7gK9KnanDBOj_FDo3CttzvRe6LA_mAufob14I1BosjY4WzXbWShoMtq-IzVfnLWsJbPnLrd-oKEJPv2ruxwSjTX-7QP_loWTHvV9Hz1_YZo4egXO94QxnxRhZT5jM0_0MXl1Y5QE4kahFU5HJaz94vBsqHJwwVB1u83suIRShPtO4nuOJxjd4gIWVJnjK-uebP0SDe4DP5kAMsrAvoIp_rzip-Otu1GFWfYoy_N3k3xeRspgIt9bu31xJJ1za_jGHkBzuBsws9IeSavxNg98_jnJumt4e98dRUnh7QPu5xe4gdp_DxEBqPd02CRaYpTMXUAYwUpfnmvnWX4ng_sxyor3dKSdEjgCJF2ZuG4AhWxnESUqabWSbp3nU7C01TPYLVhGw4ESBAyah2Q0wLSjJHLhfew6J_ZYJK44Z1x6BIsKEX4ZALk7fgMFm5VHrplaM1u1gO6p3raiz4ARTXHxAJMZq750yShQ3FxDg&cid=CAQSTgDICaaNjclku_S2ItL8X500NNljTNDenaEfD_gYExrO-FazBQNSeCIcrN6YaHVwdv801mTExwvYEB1jE-Jct-uHZwQHrmmqFV3zU1t0fBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fuintacountyherald.com%2F&ds=l&xdt=1&iif=1&cor=3847533235364936000&adk=1964084971&idt=154&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26028
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:57:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4471 31 KB
12 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 21:30:24 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4471 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 13:24:47 GMT

GET
DATA 200
OK truncated
/ Frame 4471 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 010a3b1f5e73f1dc215c8c9a32321caa8e7aafa195c0c4de983f124fc232898b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 264 KB
84 KB 38ms
37ms Script
application/javascript 2606:4700:4400::ac40:90a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 16:04:16 GMT
server: cloudflare
x-amz-request-id: V5SDCTQPK4JW46VX
age: 2803973
etag: W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8344d78299df9295-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Wr20clSWNP3wIRXU93KDuSUnFrrJ5sirJ8u6JJlr/zDKRpQvkMnRO49RCQkrXdnDv9tiQZFcNO8=

GET
H2 200 diberp-tcx-v7.13.0.js Show response
www.americanhometownmedia.com/static/ 328 KB
103 KB 206ms
22ms Script
text/javascript 34.120.58.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 62.58.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:27:01 GMT
content-encoding: gzip
age: 1093485
x-guploader-uploadid: ABPtcPpUAjbyUP-DYvJnVoOux9SOAGtkgt0qqsONUWk4ZSbQy2defMDuMNSw63l2yySWAyflMLCwVqSifg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104504
last-modified: Mon, 29 Aug 2022 14:20:21 GMT
server: UploadServer
etag: "f085c7609fb7c47fb72fd768d721373e"
vary: Accept-Encoding,Origin
x-goog-generation: 1661782821233427
x-goog-hash: crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type: text/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 104504
accept-ranges: bytes
expires: Thu, 28 Nov 2024 17:27:01 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
28 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dc0f708a097cd14fb166d1c3c4924cc5e284daf736d1d273080cc30ae6cb559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29124
x-xss-protection: 0
server: cafe
etag: 584 / 19703 / 31080056 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:11:46 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A8CC 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:08:18 GMT
expires: Wed, 11 Dec 2024 09:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A8CC 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 21:30:24 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12784067222800087067/ Frame 202E 141 KB
22 KB 63ms
21ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 14429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22859
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 05:11:17 GMT
expires: Wed, 11 Dec 2024 05:11:17 GMT
last-modified: Wed, 09 Feb 2022 10:31:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4471 0
0 141ms
65ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7rI4z0TdryxtlRJQmkDb44uUSPCxANMqwdbyrakx3oRtE7s7Sge6xZ6u-Rfgkymp65Yt_ZFmHSn7pL3qrfGv_1xMG0Dv8rMPXyoOXB6ubQFT3PPniuvXDYck2Z9WpaU85X1Z1-Q9GbbiYVGyFaCC4nIMbKR-hp5MU-hkms-qnOy795YvXypVa-lFhMdpdxEz2-kNftRNFTDx9rjObm2rbOg8XA94xHTWvh-vZi06_POmJqje5syq9xxN8dHvNzW9Obujh07-l_v37C981s6VcoN7hXQqjjMKRWPh7Be4K92wCiFt_XR_0sY9R4bVmTburMoJcK718yBUdh29GKxHjOP_J1zxhYsxqtHxmjaO8hC8DoHiWFZKSp9y0hxG8utjW0Rfio9JQAEr3jclx1zwJqmS3LYNYmtid0BUKu3JR_lhetyyPTu1cBDTjjluSo9K8ofxpHlRfhixWf9KekqI3sqQZspFPBhC4NxrVALFE2Ok3Yh3O8fYlmLjmL7TVvXYSRjyEUy_u-cvxCuiWiKxX-ongRvTw4yxE0989XGjNbgIHGSGPnk_NxMijdRI0v6bWrfc4gBFeV8hrZzCMWMHYXLgPk2usv-GpvLsHL7-SW8qjJ-v7bctTkje6Ed6l19789_m1V0vCDsnk01fHWKkHFdqYpBLgZG11MaVtFZwWRS3xkFQTfEfg065U_r49c88JoIWh6QRoLgNPVwfmdb7CSfYrnuH3BgQW_ezcCxjP8x_J7RW-h7iFrFtCx8PchfNQbiGzfZr-UFQee-GpgiVosLv65qdx4TQ8Vh-AtQE5o5PjRLuE69FzT0ODwEw9Y25rcXGG4tQHeGwgxcY2JtIGTgDRP-Nv8H7X4QvHMz3S0jcYXUEW9_nFoU4nN5pYrCzB2hllMKZOruWKhP3YkkZTk_a_Ro9FuT3762HoRaGsJAEudFNJi1Fboi6x5eeVnopIDmU9MCULvFVZmw9Mry_9WOCNDHKks9hgfPr1ikmKdZNEWeXAQjegJjmvOwUU-Vm8W5OgEQsWWM4rV5FtObhrbhCk1eVsLeApDfsBNwAYjSEL8ph2L5pRYcpCAfW9sOtM6qrV8HeazB1sd9GwRkGef3JSGM7VRDOzLEgQb4Fj40Wfkw1sg3BubIaV3PcuIR8w71ENIRmmKyjWvx_Rq57kN5Z7y7uHZyALYLrF-fYYBsCWWce7RC2DiRoo0IkgER-LyUUguKVX_sIcFqZstcn_GYudAnbp7aEFvzibrYbRdxqv08JH7nzS3GDyuTe9FjTQfq_RAq_oPTLe6k_2bv_2jSpVOExfziAcsUmQjob0BCZT2Q7hKKLJwJatRLrgI-82JY0a6EKQ3EUWtSHq-Gvj4ds_udnwDI7JhB1sSUOuOFkAofCroMP70W5glS1RSGVnMREPq-CbPrfCH_1om1Nk18i5nu9EGhnztCqEwGl5pdfxG16mrAkQmIQOl9m7V1f7G2BWYmsk9q8qEAxoRm2lUGemv3jCdLB80jQEQtfuJwbxslrQFtkxSgXh&sai=AMfl-YTQA1czx0SbRPmwGHemGVf-e2KjGVFxIsdk1-sgymDtbTYkyQk4zjZilHmNtVDUr6NABgL4x01SPllMMGctiJkQ9nZ_TDIFUDDYrD2ltc1S4QaEAbfWcFhay9dqewiZ18ZBcJ7PYkK0QTymTLP_pMD4mpjSE0hJr7AX1Ak4KzvA6crB5zh6KPcnhEC5Ic62ZyiuuugdKDLRzWRjQn6Bs7vAZSWvD4puSx_pI9Yxlh9D5jczvJX2JGF1VvNh-6pxlteUpg31atMTx3afdPizPsZE1ISu9BN7D-wBb1VBmVYkj9Q4n6luecE2jDYGzQ&sig=Cg0ArKJSzD07c3Dlz_UuEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=144&cbvp=1&cstd=142&cisv=r20231207.99622&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 09:11:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CB36 3 KB
4 KB 34ms
34ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e61982666f8e828ba57941c43933eb441d35a92113c597d977c236e846b4463b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 3432
expires: Wed, 03 Jan 2024 12:22:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 4 KB
4 KB 35ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4fe986bb5e7933e555c614aa80c43bbd465c0e73919f40c10bf9343a3e90b91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 4184
expires: Fri, 05 Jan 2024 08:38:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 22 KB
22 KB 40ms
37ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 22540
expires: Thu, 04 Jan 2024 04:28:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 24 KB
24 KB 42ms
41ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

92ad632cbc67af32998d9b07a4af5420b47efee300c76f67861816ba98a5070e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 24131
expires: Sun, 03 Nov 2024 06:07:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 13 KB
13 KB 43ms
43ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e422414f4aa493e470ee85b8142cd51142f661603337694399421cf87db670f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 13368
expires: Fri, 05 Jan 2024 04:53:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 13 KB
13 KB 43ms
42ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

76ee0961e6fc5fe6be30f86e379b24c011ada622f43d9bf323548cc656d6cb28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12824
expires: Wed, 03 Jan 2024 22:56:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 5 KB
5 KB 40ms
40ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14392c9baa0d1e691f861f1bfa0cda3caf6d3080edfabda0a2c276dfa13f2afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 5320
expires: Thu, 04 Jan 2024 12:41:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 16 KB
16 KB 38ms
36ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 16076
expires: Wed, 03 Jan 2024 21:55:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 9 KB
9 KB 40ms
34ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eb74bc6b392209ac043bfd102e03cf213ab9fad17ea2b85eb12fe7286e9546c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 9386
expires: Mon, 08 Jan 2024 20:32:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 4 KB
4 KB 41ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

98a2fbbfdf666c4b875ed5d04436b77dc3890b85788f085967b51bb0305bbee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 3748
expires: Wed, 03 Jan 2024 22:15:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 18 KB
18 KB 41ms
37ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe7c3ea250ba6973d0af67cd79aadeaa2fca0f78776d5616d03b0679d2704a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 18338
expires: Wed, 03 Jan 2024 13:48:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 8 KB
9 KB 42ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 8586
expires: Wed, 03 Jan 2024 12:47:19 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 180A 0
0 67ms
65ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CorP00SN4ZavFGK7K1PIP0vu4oArJntKxXNWdkfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTI0MjE4MzY5MzM1MDIyNDLIAQmpAlzkY4S1ELI-4AIAqAMByAMCqgSgAk_Qpxnxm0Uy-ne1fofyKOABwDkzVBwATO2LOvhFZ66_INOe9u1Z2frpGXy5nmnhLWZYlrie9mwZ_IOyrf9jfsD5YkqkyQV9XZAHU-mfl7eJ476xqkw_3GeZ2ZHhOK77lO5iDgO0PwTmAZ_43FudtUdwWvV9Wrp_OOvd0HDRwpQn8vCuPmQtrZpdTHWi14i_BY4dWI8_4FIcfNTLbHm8ZAR_SRoWjOqNw-34bscCoUS01xtFcipqtNHTY2Q8C4bGbK-EHVW55bPau149_iNY3EzUwGzxf4k8V0BkK1VarjWhqKLS9EKkD0kAd7g4dYCqdeA-LQkEJ8Ex3jWSaBCpbAZ0w0TSjr5TI8XrHwSiq5GTfBrVJyQ2ulVpen18x4GuqOAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSRpoTHiYMDgAoB-gsCCAGADAHiDRMIuc6mhMeJgwMVLiVVCB3SPQ6k0BUBgBcBshccChoSFHB1Yi0yNDIxODM2OTMzNTAyMjQyGMu9Kg&sigh=xMAUW5nnUPA&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNjclku_S2ItL8X500NNljTNDenaEfD_gYExrO-FazBQNSeCIcrN6YaHVwdv801mTExwvYEB1jE-Jct-uHZwQHrmmqFV3zU1t0fBgB&cbvp=2&vis=1
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 180A 0
125 B 39ms
36ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k47EGMc1rAL6AZ2DYgICAAAAN3344ksrQ2pw1Gd7qhT5vhDQI3hllPW3irnc6O8B9QAAEgAACgpBUVVCQVFFQkFR&wp=ZXgj0QAGIqsIVSUuAA490l6T_QxEZG4Qq2dlVA&cbvp=2

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:45 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 196389
server: Kestrel
content-length: 0

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame AE00 3 KB
4 KB 39ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e61982666f8e828ba57941c43933eb441d35a92113c597d977c236e846b4463b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 3432
expires: Wed, 03 Jan 2024 12:22:47 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 202E 29 KB
10 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 20:42:24 GMT

OPTIONS
H2 200 page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 151ms
46ms Preflight 99.81.36.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.36.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-36-123.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://uintacountyherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://uintacountyherald.com
content-length: 0
date: Tue, 12 Dec 2023 09:11:46 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
x-rc-region: eu-west-1c

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 150ms
45ms Preflight 99.81.36.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.36.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-36-123.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://uintacountyherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://uintacountyherald.com
content-length: 0
date: Tue, 12 Dec 2023 09:11:46 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
x-rc-region: eu-west-1c

POST
H2 204 page-view
yeet.revcontent.com/yeet/events/ 0
0 46ms
45ms Fetch 99.81.36.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.36.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-36-123.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://uintacountyherald.com
date: Tue, 12 Dec 2023 09:11:46 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 47ms
46ms Fetch 99.81.36.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.36.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-36-123.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://uintacountyherald.com
date: Tue, 12 Dec 2023 09:11:46 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8CC 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B7d_x0iN4ZbHADOftx_APgP-3kAcAAAAAOAHgBAI&bg=!d3SldDvNAAY3kmNgF5I7ADQBe5WfOP2FZ9DgansUibmWl7fzzbASkdcCNM0991T2vq2lSsvRL46poQuy3PfFWlWl1WQYAgAAADtSAAAAAWgBB5kDPLsuqi6lxf8MTVV_HcYoERG4XXX8jMVNnMU5T-eH9ug6iqVKg4qA0_VxhC2T82NqRO8gblOWOLgHBfBHaHn9pn9Kuazc0-FpvF4ZfV6xdZ2gAOn0KgLVltcyPy-0fzZGHzswBTywgMO4TaRQ1oDq_92M3ghhAxqWwb5F23UTjjQGHyRQG0OGZULB6vD_sW4gzUZ6p2eB-QYxkEsrJScbhJOfWPD0mLBwcFNzQGuO3rJZULkoq1YXJ4C6P8Qa84I58uB11j8SUAR8YI9udj0JQRgm3dyDThlyc94HIZlvN3Jx49ym9JL9HCaL4YGhKE-KOIMddpoEq7nvPy9_Ixhu1Asgbxx6wvKuobM8cvdaP-NVVCgsefRoN6NUlEEy9a5r0lEmAnGjXqG3cZeDjcidg_32P_3pPNVx0hHSMH-e2NXth4iHtz_AfcDrmcSoTRFfHSSXfqqOGw59yMt1F5mhplaQyUG9qBiHqZ8afX0EUhmkNcoqF80MullfigwQyyzS1ZSe_FuywPgjspQ7doO9gmUBUYgcFOwov_5m9xYYgpR97VrJojgs612BYFBlgPVy0H9zDQftC4TsXX_VQb-WtRIP9YsXjBym3MuhvWezp2uWLKZBJr2p18o0_GXnyqPlzH5AXNeDXTp6YmTUaYPXQqNEztqICURMpfXHJZ5yLAIhW5MzquTGYr5Xe4TGOXGAUyBhN9_8xfLeAkeKDt1uYk-XbWd_XsSKMYjtvdnwaiPJHc0ymeD-3vN1OXJUdFYZ_O8tJQNUxqw1GdGejN_ZrL01bKjYnT3YrnwIgO0E2npKTXCk1QhFiswShIv_pWib34NUAbKyU3pkjYPQKOXR37adcnwmteMkiZYitG23Ko2z1CqrlZPlzD0xXgpUIjIMW_jCV9zu39NUKiw2_Z05gT5bTkH31DF2RmDfRRjV9o7tIqOsxd5FwU_u0a8ixISY3bKwp_jdaU4Q_EXu1fgthgQxYB8m9L9L_lyf3uBSgyqNweuinfX5nLp-dgz4Lv1w-w4DFLY2IAOv7eCsuiFi7ssW1W7sss8c1N-JmkvXqdebvYZn9SQBWAg7RkYOJ2XnXBbITuIP8kjC6I3KGQ

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame EE4B
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f886a227-6d3a-4832-8797-aaeb7ff85c5b&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=05be3dbc-4be4-4fc3...
https://www.bing.com/aes/c.gif?RG=9cca94b7359047a28b0aa020c0d9b350&med=10&PubId=162645330&DI=0&DIS=SB_15000-1-0?&SNR=1&GV=2

0
546 B

105ms
105ms

Image
text/plain

2a02:26f0:3500:1b::1724:a388
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?RG=9cca94b7359047a28b0aa020c0d9b350&med=10&PubId=162645330&DI=0&DIS=SB_15000-1-0?&SNR=1&GV=2
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a388 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CA4EBE86E96C411790E7CEAEFDFE3F7A Ref B: VIEEDGE2117 Ref C: 2023-12-12T09:11:46Z
x-cdn-traceid: 0.88a12417.1702372306.9e7f9d6
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 12 Dec 2023 09:11:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A6B9CBC44823428C9BDD4C242CEC8F7F Ref B: VIEEDGE1905 Ref C: 2023-12-12T09:11:46Z
x-cdn-traceid: 0.88a12417.1702372306.9e7f8c5
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?RG=9cca94b7359047a28b0aa020c0d9b350&med=10&PubId=162645330&DI=0&DIS=SB_15000-1-0?&SNR=1&GV=2
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 174
expires: 0

GET
H2 200 th
www.bing.com/ Frame EE4B 12 KB
12 KB 177ms
62ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a388
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215958199395_1NKTCI262SI0MKDOK0&pid=21.2&c=17&roil=0&roit=0.0633&roir=1&roib=0.9367&w=248&h=131&qlt=90
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a388 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: aee7c632c02ac451df0647052ad27ffd67024a5517f0fcdc5a94bcbe2b848865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.88a12417.1702372306.9e7f8c3
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 12348
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame EE4B 0
647 B 44ms
37ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fuintacountyherald.com&e=wqT_3QLuA-juAQAAAwDWAAUBCNHH4KsGEKKss6S___rWQhgAKjYJeptJy9yqkD8Rz3svaVY_kD8ZAAAA4HoUEUAhzw0SACkRJMgxAAAAIFyP0j8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF4-_AFgAEBigEDVVNEkgEBBvQFAZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACZuoCHWh0dHBzOi8vdWludGFjb3VudHloZXJhbGQuY29tgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDv85E4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF1erOyrDx29ROwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvfMp-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAARPIAAAAAQABgA4AYB8gYCCACABwGIBwCgBwHIB_vwBdIHDQkBIgEBASYM2gcGCAUJnOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=907209ad4aaa4344188492ded88d001b178e986a&bdref=https%3A%2F%2Fuintacountyherald.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fuintacountyherald.com%2F,https%3A%2F%2F3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
an-x-request-uuid: 539b5be3-7a8d-4f74-8573-a143ea81ce41
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.20; 217.114.218.20; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 4471
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-2421836933502242&ias_chanId=1&ias_placementId=20343401207&bidurl=https://uintacountyherald...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

86ms
42ms

Script
application/javascript

2600:9000:223f:5000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:45:50 GMT
x-amz-version-id: ce47Uk_40n7.EHf_5AWPfR6VoMlkrWoX
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 397557
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 07 Dec 2023 18:45:47 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: YnzXp_8ja-YuMiUh7uQJ2uEqShFpH9spQk67q3IKg4yhTSbR9H3mBA==

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame CEAA 91 KB
23 KB 140ms
39ms Script
application/javascript 2600:9000:223f:5000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7117356
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Sq8e6fLv3_WEH0CybfXnf4NDs46PN8I7MgcttJxrQXZEoTuZIhOyrw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4471 43 B
215 B 554ms
181ms Image
image/gif 2600:1f13:800:7781:4c95:14f6:d804:9c3f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=52e1a647-f94c-66fc-f19c-80d1769fe519&tv=%7Bc:wzLlxh,pingTime:-3,time:35,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:35,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYdmHZC+11%7C12%7C13%7C14%7C15*.987057-61527017%7C151%7C152%7C153%7C161%7C171%7C18%7C19,idMap:15*,rmeas:1,rend:0,renddet:na,siq:13%7D&br=c
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4c95:14f6:d804:9c3f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:47 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4471 43 B
215 B 554ms
182ms Image
image/gif 2600:1f13:800:7781:4c95:14f6:d804:9c3f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=52e1a647-f94c-66fc-f19c-80d1769fe519&tv=%7Bc:wzLlxi,pingTime:-6,time:36,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:36,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYdmHZC+11%7C12%7C13%7C14%7C15*.987057-61527017%7C151%7C152%7C153%7C161%7C171%7C18%7C19,idMap:15*,rmeas:1,rend:0,renddet:na,siq:13%7D&tpiLookup=ao:uintacountyherald.com*&br=c
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4c95:14f6:d804:9c3f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:47 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4471 0
0 64ms
59ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7rI4z0TdryxtlRJQmkDb44uUSPCxANMqwdbyrakx3oRtE7s7Sge6xZ6u-Rfgkymp65Yt_ZFmHSn7pL3qrfGv_1xMG0Dv8rMPXyoOXB6ubQFT3PPniuvXDYck2Z9WpaU85X1Z1-Q9GbbiYVGyFaCC4nIMbKR-hp5MU-hkms-qnOy795YvXypVa-lFhMdpdxEz2-kNftRNFTDx9rjObm2rbOg8XA94xHTWvh-vZi06_POmJqje5syq9xxN8dHvNzW9Obujh07-l_v37C981s6VcoN7hXQqjjMKRWPh7Be4K92wCiFt_XR_0sY9R4bVmTburMoJcK718yBUdh29GKxHjOP_J1zxhYsxqtHxmjaO8hC8DoHiWFZKSp9y0hxG8utjW0Rfio9JQAEr3jclx1zwJqmS3LYNYmtid0BUKu3JR_lhetyyPTu1cBDTjjluSo9K8ofxpHlRfhixWf9KekqI3sqQZspFPBhC4NxrVALFE2Ok3Yh3O8fYlmLjmL7TVvXYSRjyEUy_u-cvxCuiWiKxX-ongRvTw4yxE0989XGjNbgIHGSGPnk_NxMijdRI0v6bWrfc4gBFeV8hrZzCMWMHYXLgPk2usv-GpvLsHL7-SW8qjJ-v7bctTkje6Ed6l19789_m1V0vCDsnk01fHWKkHFdqYpBLgZG11MaVtFZwWRS3xkFQTfEfg065U_r49c88JoIWh6QRoLgNPVwfmdb7CSfYrnuH3BgQW_ezcCxjP8x_J7RW-h7iFrFtCx8PchfNQbiGzfZr-UFQee-GpgiVosLv65qdx4TQ8Vh-AtQE5o5PjRLuE69FzT0ODwEw9Y25rcXGG4tQHeGwgxcY2JtIGTgDRP-Nv8H7X4QvHMz3S0jcYXUEW9_nFoU4nN5pYrCzB2hllMKZOruWKhP3YkkZTk_a_Ro9FuT3762HoRaGsJAEudFNJi1Fboi6x5eeVnopIDmU9MCULvFVZmw9Mry_9WOCNDHKks9hgfPr1ikmKdZNEWeXAQjegJjmvOwUU-Vm8W5OgEQsWWM4rV5FtObhrbhCk1eVsLeApDfsBNwAYjSEL8ph2L5pRYcpCAfW9sOtM6qrV8HeazB1sd9GwRkGef3JSGM7VRDOzLEgQb4Fj40Wfkw1sg3BubIaV3PcuIR8w71ENIRmmKyjWvx_Rq57kN5Z7y7uHZyALYLrF-fYYBsCWWce7RC2DiRoo0IkgER-LyUUguKVX_sIcFqZstcn_GYudAnbp7aEFvzibrYbRdxqv08JH7nzS3GDyuTe9FjTQfq_RAq_oPTLe6k_2bv_2jSpVOExfziAcsUmQjob0BCZT2Q7hKKLJwJatRLrgI-82JY0a6EKQ3EUWtSHq-Gvj4ds_udnwDI7JhB1sSUOuOFkAofCroMP70W5glS1RSGVnMREPq-CbPrfCH_1om1Nk18i5nu9EGhnztCqEwGl5pdfxG16mrAkQmIQOl9m7V1f7G2BWYmsk9q8qEAxoRm2lUGemv3jCdLB80jQEQtfuJwbxslrQFtkxSgXh&sai=AMfl-YTQA1czx0SbRPmwGHemGVf-e2KjGVFxIsdk1-sgymDtbTYkyQk4zjZilHmNtVDUr6NABgL4x01SPllMMGctiJkQ9nZ_TDIFUDDYrD2ltc1S4QaEAbfWcFhay9dqewiZ18ZBcJ7PYkK0QTymTLP_pMD4mpjSE0hJr7AX1Ak4KzvA6crB5zh6KPcnhEC5Ic62ZyiuuugdKDLRzWRjQn6Bs7vAZSWvD4puSx_pI9Yxlh9D5jczvJX2JGF1VvNh-6pxlteUpg31atMTx3afdPizPsZE1ISu9BN7D-wBb1VBmVYkj9Q4n6luecE2jDYGzQ&sig=Cg0ArKJSzD07c3Dlz_UuEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=303&vt=11&dtpt=159&dett=3&cstd=142&cisv=r20231207.99622&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4471 43 B
216 B 543ms
179ms Image
image/gif 2600:1f13:800:7781:4c95:14f6:d804:9c3f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=52e1a647-f94c-66fc-f19c-80d1769fe519&tv=%7Bc:wzLlxp,pingTime:-2,time:43,type:a,im:%7Bsf:0,pci:%7Btdr:33%7D,pom:1,prf:%7BbeA:628,beZ:628,mfA:630,cmA:631,inA:631,inZ:634,prA:634,prZ:637,si:640,poA:641,poZ:654,cmZ:654,mfZ:654,loA:664,loZ:665,ltA:671,ltZ:671%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:43,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYdmHZC+11%7C12%7C13%7C14%7C15*.987057-61527017%7C151%7C152%7C153%7C161%7C171%7C18%7C19,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:13,sinceFw:30,readyFired:true%7D&br=c
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4c95:14f6:d804:9c3f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:47 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4471 43 B
215 B 540ms
180ms Image
image/gif 2600:1f13:800:7781:4c95:14f6:d804:9c3f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=52e1a647-f94c-66fc-f19c-80d1769fe519&tv=%7Bc:wzLlxu,pingTime:0,time:48,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:48%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~728.90%5D%7D%7D,%7Bsl:i,t:48,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYdmHZC+11%7C12%7C13%7C14%7C15*.987057-61527017%7C151%7C152%7C153%7C161%7C171%7C18%7C19,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:13%7D&br=c
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4c95:14f6:d804:9c3f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:47 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
630 B 320ms
238ms XHR
application/json 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 1e226cc1abaf97dc0a3568826d4ef13238d494ddfa8c6135e89ea5cf84bab5c5

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 12 Dec 2023 09:11:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://uintacountyherald.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

GET
H2 200 arj Show response
justapinch-com-d.openx.net/w/1.0/ 174 B
585 B 179ms
116ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fuintacountyherald.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=02350219-9769-4bae-9ce9-9d293634282f%2C9b204232-3192-471f-9ecb-7f2a17dbb0ae&nocache=1702372306612&gdpr_consent=&gdpr=0&schain=1.0%2C1!americanhometownmedia.com%2C00029%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=ahm_widg_id_12%2Cahm_widg_id_13&aucs=%2C&auid=544092684%2C544092684
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 74c4c3c6ea166e0cdd60068430fa1891c1a752dc0e35245e9e5568a515d7121c

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://uintacountyherald.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 114 B
916 B 380ms
123ms XHR
application/json 69.166.1.64
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228cd846e0979d5b%22%3A%22756efff2836db95a6c52%7C300x250%7Cgpid%3D%2F281191609%2C129995211%2Ftrx_newsmediacorp%2Fuintacountyherald.com%2Cc%3Dd%2C%22%2C%2290845f247f8575%22%3A%22756efff2836db95a6c52%7C300x250%7Cgpid%3D%2F281191609%2C129995211%2Ftrx_newsmediacorp%2Fuintacountyherald.com%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fuintacountyherald.com%2F&s=0710334d-4a3b-4d27-aa12-0b9f2ddc6666&pv=e1967baf-bf11-44d8-a01a-6ba8dc67829f&vp=desktop&lib_name=prebid&lib_v=7.13.0-pre&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fuintacountyherald.com%2F%22%2C%22domain%22%3A%22uintacountyherald.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22uintacountyherald.com%22%7D%2C%22keywords%22%3A%22BreakingNewsfromyourLocalNewsSourceLeaderinEvanston%2CWyoming%7CUintaCountyHerald%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=1&gdpr=false&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200029%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

90f752b0821d04bce989bd779e382a967eb5801454c97c073c549d0b17cb2127

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-113
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 139
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 202E 2 KB
1 KB 33ms
31ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 09:19:33 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 202E 3 KB
1 KB 30ms
28ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 09:24:31 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 202E 6 KB
2 KB 28ms
26ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 09:19:05 GMT

GET
H3 200 head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 202E 12 KB
3 KB 26ms
24ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3442
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 09:18:22 GMT

GET
H3 200 head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 202E 7 KB
2 KB 41ms
40ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2321
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 09:18:58 GMT

GET
H3 200 728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 202E 38 KB
38 KB 34ms
33ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:59:43 GMT
x-content-type-options: nosniff
age: 723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39260
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 09:14:43 GMT

GET
DATA 200
OK truncated
/ Frame EE4B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345d7f62fae57b4ea1390b5b380a1cc3676b8d9b0f6dd679772b839edc2cb159

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame EE4B 0
697 B 37ms
37ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fuintacountyherald.com&e=wqT_3QKpB-ipAwAAAwDWAAUBCNHH4KsGEKKss6S___rWQhgAKjYJeptJy9yqkD8Rz3svaVY_kD8ZAAAA4HoUEUAhzw0SACkRJMgxAAAAIFyP0j8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF4-_AFgAEBigEDVVNEkgEBBvBhmAGsAqAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AJm6gIdaHR0cHM6Ly91aW50YWNvdW50eWhlcmFsZC5jb22AAwCIAwGQAwCYAwmgAwGqA7cDCs0CaHQJM_CGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTA1YmUzZGJjLTRiZTQtNGZjMy1iM2E1LTI5NWY2YzY0ZDU0ZiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4IMDVihnEAqHJ0eXBlPW51cmwmdGFnSWQ9NjkzMyZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWI2GQB8X3AyZl96Ym92eXImYWlkPSR7QVVDVElPTl9JRH0md3AdEbhQUklDRX0SBTEyMDg1GhM0ODA0NzU1ODQ0ODQ2Mzc2NDgyIgkzODE4NDY3MTQqBCFq8IE6OFUyVmhjbU5vUVdRak56STROREk1T0RVek5USTVNRE1qTWpNeU5EWTBNalExT1RRM05qTXhOdz09wAPYBMgDANgDv85E4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6QXxYiAUBmAUAoAXV6s7KsPHb1E7ABQDJBQAFARTwP9IFCQkFC0AAAADYBQHgBQHwBb3zKfoFBAFcKJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH-_AF0gcNFWUBJgjaBwYBXrAYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=6d04ebb57059f2830c515da96276faeeb76587ae&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=300&bh=158&sid=2127394401763510489&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6933&sw=1600&sh=1200&pw=300&ph=672&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
an-x-request-uuid: 6415bb98-bae3-4418-8048-32aec8752cf4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.20; 217.114.218.20; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4471 0
26 B 61ms
61ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuubrMuOF7R8wL1Mp1xlAk5ImesVVWQSSQK_RZyh0v4UP_EnUsK6zLNLti3kMg9yWqKgL0AAatjGfwr6tR6LgUjS_z4c5kts0iZ0knh6h1vxzrtUwMt_GWlWXhdmenmh2jRk9J0gBqCk6TfIHTQ4j-F8igU98z8lc0H1dOtHLw1CKZgg3kr3jAtrwmNsoWjbE06zWhjQh2jygxSIvuBBDAlV1tScfAZ&sai=AMfl-YRM0yhzmV9TQPVhLWk7syriqLQqVCQ-dYhHLgMeacG5-6gPkZVcGs_uj2rReMovBN4dBhhc9YqpOYw8sqM_8gow-rd9d7qu5Danqpfq6MlHuGusu2w1dVB9bQO4vUVdgdcbqlAWLDpgKehVwg-Tj_lI&sig=Cg0ArKJSzFNOD4DzfU0bEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 -xiRPNuyBPwVatMpGTwLBVJWIihuGHeCHlxT9dbUte1Venh-RPdRlnaEk3kr8FZhiCR8BQMCGGdZQ5RDmaqo0YfNKogNCyX59GoZkfc=w600-h400-p-rj-l68-e365
lh3.googleusercontent.com/ 57 KB
57 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-xiRPNuyBPwVatMpGTwLBVJWIihuGHeCHlxT9dbUte1Venh-RPdRlnaEk3kr8FZhiCR8BQMCGGdZQ5RDmaqo0YfNKogNCyX59GoZkfc=w600-h400-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ba114696bb1932207fa410dca8526f9731c04088f7075893ca679792c5866dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:19:49 GMT
x-content-type-options: nosniff
age: 3117
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58356
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Mon, 11 Mar 2024 08:19:49 GMT

GET
H2 200 J56C3uAPsZJxq3lmKqyd7TWuddqzxzI8kQSg1z6LSLDpEHE8pchG01IhlefvJkiGHj6ZTo6RTkLvoI_n3GvnfR7OlO5Iu3KMSGrFppM=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/J56C3uAPsZJxq3lmKqyd7TWuddqzxzI8kQSg1z6LSLDpEHE8pchG01IhlefvJkiGHj6ZTo6RTkLvoI_n3GvnfR7OlO5Iu3KMSGrFppM=s42-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3b8fa8b43b862ae61674cc4349b4c16215be1fd78641bbc9948489645d572f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:19:49 GMT
x-content-type-options: nosniff
age: 3117
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1073
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Mon, 11 Mar 2024 08:19:49 GMT

GET
H2 200 passback_728x90.js Show response
static.adsafeprotected.com/ Frame E253 3 KB
2 KB 34ms
34ms Script
application/javascript 2600:9000:223f:5000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
date: Sat, 09 Dec 2023 06:14:58 GMT
x-amz-cf-pop: FRA56-P5
age: 269809
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 4_yKHnvdzL0JKbz8wOProk1iWfx1pM8YsOpaQlrNJd_nvEiepYbtEw==

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EE4B 0
0 64ms
64ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDBdp0SN4ZazFGK7K1PIP0vu4oArS4Nfgbo-ktpOTCsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yNDIxODM2OTMzNTAyMjQyyAEJ4AIAqAMByAMCqgScAk_QXOfmBVtAcdPFqoGwYj0Pi1s1Xx3qVMRTtohXfYwTm6IGbIdNKXYxNQ4vUutHA_d3IAoqu3ZEbyLfOAUEjRg9gZ6MnMDFiVZM2_1F4GPrEtvcyZopsdsV1Wiu0oyLSFgtRTUIIC3TZ4pcK0vWNdsK-oVgfQIt07WNxScB8066RVpjHLNaakbJLNUknNkjWk8ilo5M40pSrX4OEukASpDg0BTcXj3Ta-qRag1wbYQ4fMrWtfP9eG6WrQOyt3NLBRwNUMf9lZd5NjENooYnvgGA71nQBxcLGSNeed-xVuIv4C-Eo4qSPE9GUbXE3Thog0ZvQm0g4k__jzU1ioHRgY2bN5bqHfPt_rsVAvL7Tj3ZPWcuroOCdavD4ibr4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSRpoTHiYMDgAoB-gsCCAGADAHiDRMIus6mhMeJgwMVLiVVCB3SPQ6k0BUBgBcBshccChoSFHB1Yi0yNDIxODM2OTMzNTAyMjQyGMu9Kg&sigh=WgVpgDnFxlY&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNjclku_S2ItL8X500NNljTNDenaEfD_gYExrO-FazBQNSeCIcrN6YaHVwdv801mTExwvYEB1jE-Jct-uHZwQHrmmqFV3zU1t0fBgB&cbvp=2&vis=1
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame EE4B 0
647 B 70ms
70ms Image
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fuintacountyherald.com&e=wqT_3QKpB-ipAwAAAwDWAAUBCNHH4KsGEKKss6S___rWQhgAKjYJeptJy9yqkD8Rz3svaVY_kD8ZAAAA4HoUEUAhzw0SACkRJMgxAAAAIFyP0j8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF4-_AFgAEBigEDVVNEkgEBBvBhmAGsAqAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AJm6gIdaHR0cHM6Ly91aW50YWNvdW50eWhlcmFsZC5jb22AAwCIAwGQAwCYAwmgAwGqA7cDCs0CaHQJM_CGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTA1YmUzZGJjLTRiZTQtNGZjMy1iM2E1LTI5NWY2YzY0ZDU0ZiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4IMDVihnEAqHJ0eXBlPW51cmwmdGFnSWQ9NjkzMyZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWI2GQB8X3AyZl96Ym92eXImYWlkPSR7QVVDVElPTl9JRH0md3AdEbhQUklDRX0SBTEyMDg1GhM0ODA0NzU1ODQ0ODQ2Mzc2NDgyIgkzODE4NDY3MTQqBCFq8IE6OFUyVmhjbU5vUVdRak56STROREk1T0RVek5USTVNRE1qTWpNeU5EWTBNalExT1RRM05qTXhOdz09wAPYBMgDANgDv85E4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6QXxYiAUBmAUAoAXV6s7KsPHb1E7ABQDJBQAFARTwP9IFCQkFC0AAAADYBQHgBQHwBb3zKfoFBAFcKJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH-_AF0gcNFWUBJgjaBwYBXrAYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=6d04ebb57059f2830c515da96276faeeb76587ae&pp=ZXgj0QAGIqwIVSUuAA490o6LKU74ILdIWGNMFA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFYDv0SN4ZazFGK7K1PIP0vu4oArS4Nfgbo-ktpOTCsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yNDIxODM2OTMzNTAyMjQyyAEJ4AIAqAMByAMCqgSfAk_QXOfmBVtAcdPFqoGwYj0Pi1s1Xx3qVMRTtohXfYwTm6IGbIdNKXYxNQ4vUutHA_d3IAoqu3ZEbyLfOAUEjRg9gZ6MnMDFiVZM2_1F4GPrEtvcyZopsdsV1Wiu0oyLSFgtRTUIIC3TZ4pcK0vWNdsK-oVgfQIt07WNxScB8066RVpjHLNaakbJLNUknNkjWk8ilo5M40pSrX4OEukASpDg0BTcXj3Ta-qRag1wbYQ4fMrWtfP9eG6WrQOyt3NLBRwNUMf9lZd5NjENooYnvgGA71nQBxcLGSNeed-xVuIv4C-Eo4qSPE9GUbXE3Thog0ZvQm0g4g39rqf3Lnu8FXfvggizmUXp3bGRC9zjl59fZOOSLqmubWtCAEt_xNG74AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSRpoTHiYMD-gsCCAGADAHiDRMIus6mhMeJgwMVLiVVCB3SPQ6k0BUBgBcB%26num%3D1%26sig%3DAOD64_192cT1EZKvy_FoQOBCU7-qj5oa3Q%26client%3Dca-pub-2421836933502242%26adurl%3D&cbvp=2

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:46 GMT
an-x-request-uuid: c1303534-c410-4072-a91b-987baccbdea8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.20; 217.114.218.20; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame E253 10 KB
10 KB 38ms
37ms Image
image/png 2600:9000:223f:5000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date: Tue, 12 Dec 2023 06:35:18 GMT
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9389
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
etag: "b1464a7201f691a1e4cf6fc057919d7f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: EqtiePwXz7uRlXkC8roZJjzpMpdPKX6G3U2RrKU40JAZ4OutfOVJMg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4471 43 B
215 B 283ms
282ms Image
image/gif 2600:1f13:800:7781:4c95:14f6:d804:9c3f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=52e1a647-f94c-66fc-f19c-80d1769fe519&tv=%7Bc:wzLlEu,pingTime:-10,time:482,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702372307034%7C%7C89addd311c58a3fbc5fb792d383d3688%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C582b7eb26c734479dbefe1aa4fc1801a%7C%7C2a311b330d61c9b631980b3fc40695fb%7C%7C5d9fe95182993e20438dd35f00c93df7%7C%7C2b764eba639805f72968a1b7e6cfa6d1%7C%7C161dd52c2c869bfcb427ca07103cf5af%7C%7C1663701684%7D
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4c95:14f6:d804:9c3f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:47 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dcl.htm Show response
rt3062.infolinks.com/action/ 0
68 B 144ms
144ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3062.infolinks.com/action/dcl.htm?rid=7e9b647d-554c-4ea0-a5e1-e4deef2f7a96&prod_t=d&sdata=video&bdc=2&midx=0&capara=%7B%22ve%22%3A%22mrc50%22%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8344d788684891ed-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4471 42 B
64 B 104ms
58ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscUXR2DXlD2xFo3LCE4CfSJK_1R11D0-mxcIKJKYgA-R8qvaeYm2bo0zphkg4MNHd4cQuqGd9vDINrB_YgRjF87vJEpeVG-Qu4bAxszd5Re-LVMgJhNuGTBE4WWWDKXyit2y870g8soIMghQtWGZbkSIYJ&sai=AMfl-YT35VbpPbZeiOqcje9QKe-oZyQUHw6oDLXOcJxviNDVmo_T8HCJAZU2uQZtauR03WCxI8TKXNFVDM8zdEZsNHfMPNUD0iMFwmAOxBlppzBVUQP389lj_Rpi2QvnZ_ylpzXpg4aMLmHs4_ntdtax&sig=Cg0ArKJSzK9fuvAoVE0cEAE&cid=CAQSTgDICaaNjclku_S2ItL8X500NNljTNDenaEfD_gYExrO-FazBQNSeCIcrN6YaHVwdv801mTExwvYEB1jE-Jct-uHZwQHrmmqFV3zU1t0fBgB&id=lidar2&mcvt=1001&p=190,436,280,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=536991170&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702372305924&rpt=384&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 207 KB
76 KB 378ms
377ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2945631835796356&correlator=1519630762936996&eid=31079240&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=281191609%3A129995211%2Ctrx_newsmediacorp%2Cuintacountyherald.com&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D63017a558788a582%3AT%3D1702372305%3ART%3D1702372305%3AS%3DALNI_MaI-7pStYkKeupuLlJsOpNrEbim6A&gpic=UID%3D00000d13d41a618e%3AT%3D1702372305%3ART%3D1702372305%3AS%3DALNI_MbUt99KBZ4JmtCTofoBT5vRdjjO8w&abxe=1&dt=1702372307838&lmt=1702372307&adxs=1200%2C1200&adys=1834%2C1378&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2&ucis=7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fuintacountyherald.com%2F&vis=1&psz=300x-1%7C300x-1&msz=300x-1%7C300x-1&fws=0%2C0&ohw=0%2C0&ga_vid=1437240365.1702372305&ga_sid=1702372305&ga_hid=1810723417&ga_fc=true&dlt=1702372304298&idt=1032&prev_scp=slotName%3Dldgr8%26pubDom%3Duintacountyherald.com%26atab%3Dtrue%26frstlk%3Dtrue%7CslotName%3Dldgr9%26pubDom%3Duintacountyherald.com%26atab%3Dtrue%26frstlk%3Dtrue&adks=1698964757%2C1698964754&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c197e10ab4b9f3cfb6f31085993312740efd57f642aefe8322e258b5e684d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77830
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 54CC 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:45 GMT
expires: Wed, 11 Dec 2024 09:11:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB89 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:45 GMT
expires: Wed, 11 Dec 2024 09:11:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2B93 624 B
242 B 62ms
61ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGMW8-4ACMAE&v=APEucNWyUO1HmWzSgm_sYKJv8QD26diwNP_5WixevG8l2RouFa8pp7Y4TtQrrZgFm1fONtE_xnBSEmic-vpvri7MB0Bckmn6l_x5wjGLl_2t_8azep0WNOpAeeGBVM1KZwVvzojKd_IIRZlQl_WP1bKvKB30pFZxw57ylWC1wriiilST9hLP9X4

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 54CC 24 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 00:43:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 54CC 7 KB
3 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 08:59:51 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 54CC 0
0 156ms
65ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvUqNccTEC9uMtBbP45yB5dcPznTWy2Mt3AlkF9mU_-wu_pvaFRJpx-PULuLcHkB2gdXSsHLtvuOomS6-VW7UYjw3TsASlP9k5bZiLCRm1lK6E2m6DzLHiGHOKuyV51MrtrbZpSDwyJi9-Jx-zZQrQPRQSITWZ3XQQWplo5uOMtpev6wtScpv5Cnk9c-V4aGUBQ8MIPSNeTHdY8aj4fmdqnHTJNB2DSgkec7qts261lECudPQUxiEVlgaQ8sSv7ujlGnZaH3ekcN-chfV3qHULe1xMD1kHzJ5NwW8B5mA3HF-a-cRuFbdDv4zeBOIAihjMOirQYLTgveqHndWixw5MKeRvcWIxABMSciDUNQRi-ZcBjrtFh70taZlvNlsSB3ckfO2F2DEE_T9ZBIEjPkVZbzsBA6DfTFowyzC6JKRxA74UPHe1TNKqT4ABqgoMDOanTljwE9Gi1kcXvlg7AGSAtVYPWFsVC4_VB42AphpQEgmUSM-Z7V18-KQBX6g4nx95D6nN0QAGSm6AGWU2qXadD7jG3l7PvckgGcs6g-oxx2biIMxQ_g0EyJjrITQ_S4xRye7wm9OjAYJEyy7kPR2bJFfva06FWQKY4sobtxsElOPZtjnRPTOkEoJGP9cRGBxlbG7l6hC4ydYBHjctCGlq6aW6DzMUW8oDQhHsA8l-bHenLlqLRu5BbWZRMhqlYa4hJI3XgNQoUkDK8s9vsLfCqc3kEwGpbEvfyFyH7ctXYCZOsQxiHhJFqDWSYg62zKC5Ru5Qr7UzibIsPpmigLj1_AKdhFz1uLJCU6RPqHOd2VTVYOKViQhgn02-BX6aXvsHRFZVVWi3LB4EEEQ2VRjkKz5A1961OKCzT_aq6T3dZV88U-dflvYjn1ZpA5IcBtpN70XVNefFmEmwy2i9wburTP9qO545sH6rg9cfDnO_m3o3nm-WQOmJKP9npD9IZ5mn4d65egdYPG-kj1E8WMre38EaHyvxYa5BX14OBBHH3Yx20_Y4karKSA0pL0DpMXI-DkR5luPZH8SfktAexol28CXYHp2Y2JVTIopY_tVvxpH6_2qt2o3Y8bCifZNgtfsohEvYB4sd-zuVXe5NUA30VLs87ZQ1qTTKMy0VuQMod0zypWXL1kT_rvpzSu8-V2xa6sJ4DMy4GtdJYjN6qr1J5bNG0KkhQZzjslEzSfZMxO1jXC-I_9ZJzmxZsY3Pp8MDjmt23ZzSuYQfwqu-ciZTVyRa-p9bRqvsVL3TCYQ9MjEGwnuw3CqrJgF9BNMGExDkYjGgxZpwryVdhpgSZXG1JdmoDFfsN6eX70bsqiW9UDjTuwQ_aA6i96bmCehDk0rQPhRqyvDp1zTe9H2aBeUK5cs7wAo8qXDjI3lRrnYlv_H4XS9bd46nvI0uxOVNoa8Wa1yTCsI1IplOMdRjz9wVpGFV1qLkD4qiYDl6cAQR0lfNssjh_b2HclXzBS1SYCCfvBMuqVxlGNEobkrBd0BsKYQ7Rs95gEP7FXtWuKSJAf29Nu84DwrVjfWA2qxXIuYXhzt9PN219HNsReE-zZtiZ&sai=AMfl-YSWKKkkWcRRlpXwV8f558AymBdM3Kj2vrVJ0jEajGv3ENrZ4UhQc9wK_dB_84mG9yIzJ_nbCMTEtA44fb-K48H7tjU3q42lgjjYmluCQTl-v7-Ds5iWdkMBx12JT19h-WVg1pM9mVDPIW2K9T-xXgGV9N6b-pMuNSBs3iOQ3InJgUPtoQRO29-btJjRD_encUp7N3Tq1o_FY40clFDCpyxI361pHGWAot-ausQN7NEVFA-lyhAuiYUNhm5NuvHuKcEdAiv5lUFgVc1D24jYnnX0RHv7-j0Ys_ROy2NQxMzYjdDynDt5CmShVII7OsRrv4kflXv3vrGPuTFd2dLX57SV2AiGLBMufS9Ykw41hc_GlIAd6Cs45patuC1TKHyVlT6FccBnNfz0eOMwe2wWWTFggmvWB765SD5ZhwVbNrxUvAnkuEo&sig=Cg0ArKJSzBCBh74kUwo-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYW52YS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.71351&arae=0&ftch=1&adurl=

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 09:11:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 54CC 41 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 13:24:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 54CC 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8BF7 1 KB
643 B 23ms
23ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 12 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 54CC 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 54CC 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bv051oXJllEUHmS3XTBXUghFnQt0ExiPbzhlX7rDU2bpf301uozhGb3ge0MRcuPpRumsIRf3cuvN_UDVsHn9HDnRvMcf4Sfj8gFZvMci-GSvIQC9I

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 54CC 0
0 32ms
31ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaysqPsyR6Aj0-5aVDW6oCMxqxUzatDQGMNJ3PXj-yZrpTwVme74A1KNV99Tc_GBc9264PxMzHjio0zM0sdB46T7slUg
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54CC 203 KB
64 KB 225ms
225ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:11:48 GMT

GET
H3 200 6886608763931359982
s0.2mdn.net/simgad/ Frame 54CC 35 KB
35 KB 21ms
20ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6886608763931359982

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7af0542a2e6a0940e024304d26faf12616b3453df692de1d38ea1729bc4bd7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:30:06 GMT
x-content-type-options: nosniff
age: 6102
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35946
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 09:00:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 07:30:06 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B879 640 B
262 B 63ms
63ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEJ_18b0CGPCVhbQBMAE&v=APEucNWr8oE-1uPIiC5RM8QY_DRE9cRs1Im1eOHV-huhkFJr7EymibNxS7Iw3RUpdrGJTTKBhZK-GZwUYAVxxcA2LPXkeGVSRWjxf4qfgZtpRtx-VhMtaa9xqdTW3sBWixcDtfQlWIuK88DjQTmPr6dikQOFZ1iQ8FbRk04wqZKci1KbRFNnHjE

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame FB89 172 KB
60 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Origin: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 09:07:20 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame FB89 7 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 08:59:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FB89 24 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 00:43:32 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame FB89 41 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 13:24:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FB89 3 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0C43 1 KB
643 B 25ms
25ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 12 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FB89 20 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB89 42 B
63 B 58ms
58ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8OXP0-UPoc7nUpPFInwp4pY9pvvQRF9faJhLrtR1XuAg3YWPJ4f_Qv-eq2xJN8JECC-P1I2gKwmk79AFxMXUzNrDRGy4P_wYPhMgqCBvizSM6fCA

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FB89 0
0 29ms
29ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWoo_JTw9ZkmI38O1elTOOwIued4fA-EDBGu6DsyWBhu7uCLnEczstz9m-U3r6Bg6OjDXu48HEA_NpX1THMo57WJ8hGA
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB89 203 KB
64 KB 247ms
247ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:11:48 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8BF7
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlhTHkzXF_Q8rOLNgc3LfE&google_cver=1&google_push=AXcoOmS3zq5AAU7neFWDCS8DQ8GCfRPHaSeDWoFZn3ISw7xiqzcg1K6GreAoV5wZIjoDbTtcEXhp3w_Z0ZaKqQgbU0fOg3zC_khu
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE1Njc1MDUzMjM2MTM1ODgzNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBlhTHkzXF_Q8rOLNgc3LfE&google_cver=1

43 B
398 B

48ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBlhTHkzXF_Q8rOLNgc3LfE&google_cver=1
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBlhTHkzXF_Q8rOLNgc3LfE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8BF7 0
104 B 259ms
104ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKfJ3pwk77JH3euiZ96YWe0&google_cver=1&google_push=AXcoOmQP8kEbsJtltOQQeOOC_HYnX00bi3yrl9WV4sQHz2Rv7t_i6vneMbm13K5vH0TUTuyoMqsJ6Txx1moRHaTsvDOJ9VLK5xk
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8BF7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmSgq83YSvThiXyMTsqO0JwHFxO262T_evb33G8miMvzxdeV1B5PZ9I93ky7cH6WbYvvetGoz8PA87jfNKZxcxPFg5rrdr85&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmSgq83YSvThiXyMTsqO0JwHFxO262T_evb33G8miMvzxdeV1B5PZ9I93ky7cH6WbYvvetGoz8PA87jfNKZxcxPFg5rrdr8...

43 B
393 B

210ms
191ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmSgq83YSvThiXyMTsqO0JwHFxO262T_evb33G8miMvzxdeV1B5PZ9I93ky7cH6WbYvvetGoz8PA87jfNKZxcxPFg5rrdr85&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSgq83YSvThiXyMTsqO0JwHFxO262T_evb33G8miMvzxdeV1B5PZ9I93ky7cH6WbYvvetGoz8PA87jfNKZxcxPFg5rrdr85%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8344d7909b506901-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 5
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmSgq83YSvThiXyMTsqO0JwHFxO262T_evb33G8miMvzxdeV1B5PZ9I93ky7cH6WbYvvetGoz8PA87jfNKZxcxPFg5rrdr85&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSgq83YSvThiXyMTsqO0JwHFxO262T_evb33G8miMvzxdeV1B5PZ9I93ky7cH6WbYvvetGoz8PA87jfNKZxcxPFg5rrdr85%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8344d78f5a376901-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8BF7 0
166 B 153ms
46ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJr9kzJfkYYNc7cB5O9rGA0&google_cver=1&google_push=AXcoOmQQKJpz8dLBh-lWg4spvCRw_scOO2BV9_54-8TwfN68EYgHa8Rxa8ds_WMmXIDuItc3rcwXCpO06nK_H8lfrxVk-7pGpPTu
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 12 Dec 2023 09:11:47 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BF7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEmox-NPGEZSzCtOHoh4LMM&google_cver=1&google_push=AXcoOmSKtbZVejjuN2MqRpaXGL-vtphrOLM1UCxXlcqPbw_UCafxxpxi3QcZ6tWT5vyXmDM9KJh...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNElOWFMtVy1MTVVV&google_push=AXcoOmSKtbZVejjuN2MqRpaXGL-vtphrOLM1UCxXlcqPbw_UCafxxpxi3QcZ6tWT5vyXmDM9KJhXYLKhvl1vKeqJyoVutz6enbQ

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNElOWFMtVy1MTVVV&google_push=AXcoOmSKtbZVejjuN2MqRpaXGL-vtphrOLM1UCxXlcqPbw_UCafxxpxi3QcZ6tWT5vyXmDM9KJhXYLKhvl1vKeqJyoVutz6enbQ

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNElOWFMtVy1MTVVV&google_push=AXcoOmSKtbZVejjuN2MqRpaXGL-vtphrOLM1UCxXlcqPbw_UCafxxpxi3QcZ6tWT5vyXmDM9KJhXYLKhvl1vKeqJyoVutz6enbQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 8BF7 0
237 B 104ms
35ms Image
text/plain 2600:9000:211e:ee00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFAtMvwUZ8Mh1zzjWbuIn_8&google_cver=1&google_push=AXcoOmQqzuJlYnvVdOD8tIm_Rop6xrIhvWM_4QBUxEvXfn-f-CY-NbiT_MLBPEq-deorLqBzeFghI3nuYJ2-fh3Q0l7JUrwvCA0
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ee00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:48 GMT
cache-control: no-cache, must-revalidate
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: SmBIaJrBILxjTjZ6r9yo50w2Bujbs9aFZKrFCh05Th54ZHzX-oPekQ==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BF7
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRSuL2JfSIEtj5_qhaIoxvOlO-rNN1CzN-m_YtDMiMI_ZXdbTA6cs_kUV--8L5u49wBr5pfYhbP_dcocGpCEd99oUYxHmZp&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-0c725fe9-dda5-4110-9d42-fbad4c2f0555-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRSuL2JfSIEtj5_qhaIo...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRSuL2JfSIEtj5_qhaIoxvOlO-rNN1CzN-m_YtDMiMI_ZXdbTA6cs_kUV--8L5u49wBr5pfYhbP_dcocGpCEd99oUYxHmZp&google_hm=AwxyX-ndpUEQnUL7rUwvBVU

170 B
188 B

37ms
37ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRSuL2JfSIEtj5_qhaIoxvOlO-rNN1CzN-m_YtDMiMI_ZXdbTA6cs_kUV--8L5u49wBr5pfYhbP_dcocGpCEd99oUYxHmZp&google_hm=AwxyX-ndpUEQnUL7rUwvBVU

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRSuL2JfSIEtj5_qhaIoxvOlO-rNN1CzN-m_YtDMiMI_ZXdbTA6cs_kUV--8L5u49wBr5pfYhbP_dcocGpCEd99oUYxHmZp&google_hm=AwxyX-ndpUEQnUL7rUwvBVU
date: Tue, 12 Dec 2023 09:11:48 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0c725fe9dda541109d42fbad4c2f0555003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8BF7 0
12 B 34ms
30ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LojG5p_7abgc-136Fa44skHpZWozOC342ozpHToydinCeommQo1E6r8gpjKqmisCc4aNRO

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 54CC 0
0 116ms
60ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvUqNccTEC9uMtBbP45yB5dcPznTWy2Mt3AlkF9mU_-wu_pvaFRJpx-PULuLcHkB2gdXSsHLtvuOomS6-VW7UYjw3TsASlP9k5bZiLCRm1lK6E2m6DzLHiGHOKuyV51MrtrbZpSDwyJi9-Jx-zZQrQPRQSITWZ3XQQWplo5uOMtpev6wtScpv5Cnk9c-V4aGUBQ8MIPSNeTHdY8aj4fmdqnHTJNB2DSgkec7qts261lECudPQUxiEVlgaQ8sSv7ujlGnZaH3ekcN-chfV3qHULe1xMD1kHzJ5NwW8B5mA3HF-a-cRuFbdDv4zeBOIAihjMOirQYLTgveqHndWixw5MKeRvcWIxABMSciDUNQRi-ZcBjrtFh70taZlvNlsSB3ckfO2F2DEE_T9ZBIEjPkVZbzsBA6DfTFowyzC6JKRxA74UPHe1TNKqT4ABqgoMDOanTljwE9Gi1kcXvlg7AGSAtVYPWFsVC4_VB42AphpQEgmUSM-Z7V18-KQBX6g4nx95D6nN0QAGSm6AGWU2qXadD7jG3l7PvckgGcs6g-oxx2biIMxQ_g0EyJjrITQ_S4xRye7wm9OjAYJEyy7kPR2bJFfva06FWQKY4sobtxsElOPZtjnRPTOkEoJGP9cRGBxlbG7l6hC4ydYBHjctCGlq6aW6DzMUW8oDQhHsA8l-bHenLlqLRu5BbWZRMhqlYa4hJI3XgNQoUkDK8s9vsLfCqc3kEwGpbEvfyFyH7ctXYCZOsQxiHhJFqDWSYg62zKC5Ru5Qr7UzibIsPpmigLj1_AKdhFz1uLJCU6RPqHOd2VTVYOKViQhgn02-BX6aXvsHRFZVVWi3LB4EEEQ2VRjkKz5A1961OKCzT_aq6T3dZV88U-dflvYjn1ZpA5IcBtpN70XVNefFmEmwy2i9wburTP9qO545sH6rg9cfDnO_m3o3nm-WQOmJKP9npD9IZ5mn4d65egdYPG-kj1E8WMre38EaHyvxYa5BX14OBBHH3Yx20_Y4karKSA0pL0DpMXI-DkR5luPZH8SfktAexol28CXYHp2Y2JVTIopY_tVvxpH6_2qt2o3Y8bCifZNgtfsohEvYB4sd-zuVXe5NUA30VLs87ZQ1qTTKMy0VuQMod0zypWXL1kT_rvpzSu8-V2xa6sJ4DMy4GtdJYjN6qr1J5bNG0KkhQZzjslEzSfZMxO1jXC-I_9ZJzmxZsY3Pp8MDjmt23ZzSuYQfwqu-ciZTVyRa-p9bRqvsVL3TCYQ9MjEGwnuw3CqrJgF9BNMGExDkYjGgxZpwryVdhpgSZXG1JdmoDFfsN6eX70bsqiW9UDjTuwQ_aA6i96bmCehDk0rQPhRqyvDp1zTe9H2aBeUK5cs7wAo8qXDjI3lRrnYlv_H4XS9bd46nvI0uxOVNoa8Wa1yTCsI1IplOMdRjz9wVpGFV1qLkD4qiYDl6cAQR0lfNssjh_b2HclXzBS1SYCCfvBMuqVxlGNEobkrBd0BsKYQ7Rs95gEP7FXtWuKSJAf29Nu84DwrVjfWA2qxXIuYXhzt9PN219HNsReE-zZtiZ&sai=AMfl-YSWKKkkWcRRlpXwV8f558AymBdM3Kj2vrVJ0jEajGv3ENrZ4UhQc9wK_dB_84mG9yIzJ_nbCMTEtA44fb-K48H7tjU3q42lgjjYmluCQTl-v7-Ds5iWdkMBx12JT19h-WVg1pM9mVDPIW2K9T-xXgGV9N6b-pMuNSBs3iOQ3InJgUPtoQRO29-btJjRD_encUp7N3Tq1o_FY40clFDCpyxI361pHGWAot-ausQN7NEVFA-lyhAuiYUNhm5NuvHuKcEdAiv5lUFgVc1D24jYnnX0RHv7-j0Ys_ROy2NQxMzYjdDynDt5CmShVII7OsRrv4kflXv3vrGPuTFd2dLX57SV2AiGLBMufS9Ykw41hc_GlIAd6Cs45patuC1TKHyVlT6FccBnNfz0eOMwe2wWWTFggmvWB765SD5ZhwVbNrxUvAnkuEo&sig=Cg0ArKJSzBCBh74kUwo-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYW52YS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=32&vt=11&dtpt=31&dett=2&cstd=0&cisv=r20231207.71351&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 54CC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1db8c53ee0e575d1e93966f42fcda4eb87e03d7387600572faa04d4d70376ff2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E0A6 38 KB
13 KB 26ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:08:18 GMT
expires: Wed, 11 Dec 2024 09:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0C43
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmROwHhR1eOMWMcWzGstvX3O-MbrRNEYyXo5rLspRyYa7EH6mcPnw5dGMJ-954h_86iUuLct4GNfNZ4aux2iXZqUkJ2kt-gI&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmROwHhR1eOMWMcWzGstvX3O-MbrRNEYyXo5rLspRyYa7EH6mcPnw5dGMJ-954h_86iUuLct4GNfNZ4aux2iXZqUkJ2kt-g...

43 B
424 B

208ms
188ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmROwHhR1eOMWMcWzGstvX3O-MbrRNEYyXo5rLspRyYa7EH6mcPnw5dGMJ-954h_86iUuLct4GNfNZ4aux2iXZqUkJ2kt-gI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmROwHhR1eOMWMcWzGstvX3O-MbrRNEYyXo5rLspRyYa7EH6mcPnw5dGMJ-954h_86iUuLct4GNfNZ4aux2iXZqUkJ2kt-gI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8344d7909b556901-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 467
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECh0jqaWCapVxL6MRM0JltQ&google_cver=1&google_push=AXcoOmROwHhR1eOMWMcWzGstvX3O-MbrRNEYyXo5rLspRyYa7EH6mcPnw5dGMJ-954h_86iUuLct4GNfNZ4aux2iXZqUkJ2kt-gI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmROwHhR1eOMWMcWzGstvX3O-MbrRNEYyXo5rLspRyYa7EH6mcPnw5dGMJ-954h_86iUuLct4GNfNZ4aux2iXZqUkJ2kt-gI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8344d78f5a3a6901-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C43
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENIo_nbioqzP6SIf3swJXbw&google_cver=1&google_push=AXcoOmR-sUcKaUks1_rDY-xOqlJCfRJBm5V41d1FKA0sb9eVzd9Ku6Fhv52LOqIW2Y-UZ_owSX0GFDsYa09...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR-sUcKaUks1_rDY-xOqlJCfRJBm5V41d1FKA0sb9eVzd9Ku6Fhv52LOqIW2Y-UZ_owSX0GFDsYa094UgK_DywhQz1XIb5H&google_hm=DZKdhZlgTCGXYk8_JYsSKhQ

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR-sUcKaUks1_rDY-xOqlJCfRJBm5V41d1FKA0sb9eVzd9Ku6Fhv52LOqIW2Y-UZ_owSX0GFDsYa094UgK_DywhQz1XIb5H&google_hm=DZKdhZlgTCGXYk8_JYsSKhQ

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR-sUcKaUks1_rDY-xOqlJCfRJBm5V41d1FKA0sb9eVzd9Ku6Fhv52LOqIW2Y-UZ_owSX0GFDsYa094UgK_DywhQz1XIb5H&google_hm=DZKdhZlgTCGXYk8_JYsSKhQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C43
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECajEtOTWHkKO80GeaEfVxk&google_cver=1&google_push=AXcoOmRxdE_AreMgcHmo3gYD982rNObZrAVcRh8CgZdltVvDcYo3cj5eWoeGDyrUatNFUrH87-fmXv-DjqIp2d...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYzMzM4ODQ4NjA2NDI4Mw%3D%3D&google_push=AXcoOmRxdE_AreMgcHmo3gYD982rNObZrAVcRh8CgZdltVvDcYo3cj5eWoeGDyrUatNFUrH87-fmXv-DjqIp2dK9q4...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYzMzM4ODQ4NjA2NDI4Mw%3D%3D&google_push=AXcoOmRxdE_AreMgcHmo3gYD982rNObZrAVcRh8CgZdltVvDcYo3cj5eWoeGDyrUatNFUrH87-fmXv-DjqIp2dK9q4eGnk9AM0pm

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYzMzM4ODQ4NjA2NDI4Mw%3D%3D&google_push=AXcoOmRxdE_AreMgcHmo3gYD982rNObZrAVcRh8CgZdltVvDcYo3cj5eWoeGDyrUatNFUrH87-fmXv-DjqIp2dK9q4eGnk9AM0pm
Date: Tue, 12 Dec 2023 09:11:48 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C43
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENVy9S4XRqLEQ_dQu16m99w&google_cver=1&google_push=AXcoOmSRnFjrfxXQ88EBYVPId80P0iCGKFbu4eYF9iNfnjg5B4CSCKoTaFhvVRf9RlppNfXWqw6lGFknYmbb7_c-N60k8nY...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSRnFjrfxXQ88EBYVPId80P0iCGKFbu4eYF9iNfnjg5B4CSCKoTaFhvVRf9RlppNfXWqw6lGFknYmbb7_c-N60k8nYAO_k&google_hm=eS1uNnBuSkd0RTJwSGU5SXk...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSRnFjrfxXQ88EBYVPId80P0iCGKFbu4eYF9iNfnjg5B4CSCKoTaFhvVRf9RlppNfXWqw6lGFknYmbb7_c-N60k8nYAO_k&google_hm=eS1uNnBuSkd0RTJwSGU5SXk4akJhN1hXbThHWm1mRV9ESH5B

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 09:11:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSRnFjrfxXQ88EBYVPId80P0iCGKFbu4eYF9iNfnjg5B4CSCKoTaFhvVRf9RlppNfXWqw6lGFknYmbb7_c-N60k8nYAO_k&google_hm=eS1uNnBuSkd0RTJwSGU5SXk4akJhN1hXbThHWm1mRV9ESH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 0C43 43 B
363 B 92ms
30ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS00u88eNQNK_Z8hJH-mDV0vFpQJTRVn74XU-RvafMcUHKuraXnfdHi0oCBMgAl5zoLVOhYDLWjKj89vkVel31CsO-rfTpq&google_gid=CAESEKDvjZw3xBBmR3ae8do8kj0&google_cver=1

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:47 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 193692
expires: Tue, 12 Dec 2023 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 0C43 0
75 B 173ms
37ms Image
text/plain 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHOL0pmmTEHTUrTyJr8uQIU&google_cver=1&google_push=AXcoOmSfAflZafTEgZDVtslqospK5ZPz5sLP_mweS0OMl9j-pdcbSqkGA7JBTuUOtvl2ssyUISjp_Ex6_RboYWS50sxIm8IK7Hb-
Requested by: Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:48 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C43
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOm4p55RR5Y88DBNuMF10zo&google_cver=1&google_push=AXcoOmQCaHWHxyrU9...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D&google_gid=CAESEOm4p55RR5Y88DBNuMF10zo&google_cver=1&google_push=AXcoOmQCaHWHxyrU9hkmsAeOk1nxHpG7FU...

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D&google_gid=CAESEOm4p55RR5Y88DBNuMF10zo&google_cver=1&google_push=AXcoOmQCaHWHxyrU9hkmsAeOk1nxHpG7FU2z3SNhJKetXRydZOVw6puksjDHEY6wXCFDxZZSmgc-IRaJr-9iXhXoKy3kv3aHC3LWCQ

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
an-x-request-uuid: a90139a8-18ad-40ac-b613-4246931fdf78
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D&google_gid=CAESEOm4p55RR5Y88DBNuMF10zo&google_cver=1&google_push=AXcoOmQCaHWHxyrU9hkmsAeOk1nxHpG7FU2z3SNhJKetXRydZOVw6puksjDHEY6wXCFDxZZSmgc-IRaJr-9iXhXoKy3kv3aHC3LWCQ
x-proxy-origin: 217.114.218.20; 217.114.218.20; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0C43 0
12 B 36ms
34ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jjg5K80CBSx1XPJt-2Wx-TkQ5BZlCXxK0QQ0gOgFKBt9i4ZxOINqBszX7sc5_Z2zlId24gEg

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4471 0
20 B 58ms
55ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7491989659928&version=m202309260101&ct=76&x=1&cor=3847533235364936000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2B93
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1

43 B
734 B

81ms
81ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGMW8-4ACMAE&v=APEucNWyUO1HmWzSgm_sYKJv8QD26diwNP_5WixevG8l2RouFa8pp7Y4TtQrrZgFm1fONtE_xnBSEmic-vpvri7MB0Bckmn6l_x5wjGLl_2t_8azep0WNOpAeeGBVM1KZwVvzojKd_IIRZlQl_WP1bKvKB30pFZxw57ylWC1wriiilST9hLP9X4
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nz13Zcm3%2BKYJmKsDz6%2FJC8SwSpLLkM0wE4HZPetN3PiO01Blnwp1ZaiVYugbFnfF8ypBRgDA%2B7PuUxfDWrZ304bbFE18605QiTBr4sC4%2BgTGZCt5TvcZaUjYJIFpMd22Z9l0YDgckpyEhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8344d78f781558ea-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2B93
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXgj0g89.YoPDRU4Ak0tZQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1&google_hm=2

43 B
731 B

70ms
70ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGMW8-4ACMAE&v=APEucNWyUO1HmWzSgm_sYKJv8QD26diwNP_5WixevG8l2RouFa8pp7Y4TtQrrZgFm1fONtE_xnBSEmic-vpvri7MB0Bckmn6l_x5wjGLl_2t_8azep0WNOpAeeGBVM1KZwVvzojKd_IIRZlQl_WP1bKvKB30pFZxw57ylWC1wriiilST9hLP9X4
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njoPngVmfRiyTnSbK8%2F4vgdKyEE6FxXy1h2UFDQUvm4tO3UqEcjHSgjbx6XbpHDeFBdLh6IEwaeR%2F4FOkI1VwEFO3w38SuiCVOJmBbxsWL2dbWYUrdXDpvFrmqjSNY0DAM9L0KWtlzL1dA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8344d7903a1d58ea-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5MAXo5GBeHG0v49jzJ9_Q&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 2B93
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIFLpVuG88RvFlu8ACR2ZAU&google_cver=1

43 B
845 B

36ms
36ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIFLpVuG88RvFlu8ACR2ZAU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGMW8-4ACMAE&v=APEucNWyUO1HmWzSgm_sYKJv8QD26diwNP_5WixevG8l2RouFa8pp7Y4TtQrrZgFm1fONtE_xnBSEmic-vpvri7MB0Bckmn6l_x5wjGLl_2t_8azep0WNOpAeeGBVM1KZwVvzojKd_IIRZlQl_WP1bKvKB30pFZxw57ylWC1wriiilST9hLP9X4

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
an-x-request-uuid: 1d223e62-26e2-4c15-b213-65de10739b7d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.20; 217.114.218.20; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIFLpVuG88RvFlu8ACR2ZAU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B93
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
an-x-request-uuid: df080f48-23e6-4190-8590-9da47202b11b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2ODA0MTY0NDg2NjI1NTg0Mg%3D%3D
x-proxy-origin: 217.114.218.20; 217.114.218.20; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 240E 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:08:18 GMT
expires: Wed, 11 Dec 2024 09:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 30 KB
4 KB 30ms
29ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71d84ac0536673843ec232ff0f73fd42a9b85638c452455aed825c350dc7871b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:11:48 GMT
expires: Wed, 11 Dec 2024 09:11:48 GMT
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FB89 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26d33e72c9fcc8a54a5b8a6f59f3298f2341abde08fb70388d9652fae0b497f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame FB89 0
0 73ms
67ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvsorzEE6ifXKGRhr08M_mp9h5ZVHpZDOckwXYZXpTpSaAcdCytuJiyONM9IL80KzQE53YidychzsByATYRyU73R-En_th3B5JNg-R8qg8LneiWfOlqq-FKD6p1nfSowyFoJ_4D3UWDOgcFF_uHol29eHJYHQc6tXol-LpeOU2uIYj_yoXnkBWajanBn68zJdyfV5Liyi4DfDrOcq8N2KBVI4wbNnpuZvowm_hxYM0GLPRqFY6JSd0vB8O4zqw8A8DyUgWDQuSkEGh-_T76WkiUT7D56BcBAaHEpvxY2BzrUq_3eq3GsX4A6AoWlOE23OiQ4PhQeanFjvqBjJWqoYnN46dDntBzJGikgngdmdoFUqHL3IcoC9iWp46kkvTLK_w85FG7kKYr_oRPY4I1f1P8pEkXAfH5oi6WjANERIkU90F5MWem1ucJAwltoTPcPFKj7OozBZ6lMHeMxQdUqVvsTdvKJuHh72lX3DEpCnmgCAzWMv0zCZ6hgOjmhr4bxtu8BpUb7ve_Iv0-a6G9X0Q_Cb4tsBD5ZoQUKy5dKyiv9VOCEDwkyYIMuo2Xi8cEMZrENlw3aotVg8m3rjv8IMEzzTfivtEYfsDfjchPa5SDGPjFeiSOB0UBQLIreNKcu6VK3lN6a0twqODSTM4ZXr0Kdux10iUyYS-z4263P184QBSJ2zuykE00MmP_b2gjPorVwC3d6RWPzyu9NvfMBH1c7M0gNovg1hVk2yyRU7OO3a4ZD7gkhwVxEbszX2urjqt8bucoR7XdFZPN-wJJz0_MFWdS22derLdR2kCbc3v5GFpGj6haN-UhNFF7miTLkQw1zmCkQIeYVhm2q9o148ZcO9aQl82p_wSgX2akbf1TAHhh9lAMTSgIvqy0XqbPo5c6bAZCbPDYS-_ORejJdVVnsEGQri5rc_lx3py8ocCu2XQZvhChhqZwDEzeRsYf10JJIlj6MRwwX5c8RaegZRWKluvCoyN78kmzhcJPa1KhXHPXgvHY540u1nzHGV7YVZ0e2PvJptL1-AMdgtPm4_SYNJ4sC21Pxvlmtwko9Pu4SodsDvSKH_pkk0sF-R1aRnjqvJcAFEUMKsZIaNV3c6m-auQ_yWMCLy0W_NRLZiqhPyO91UmeoI3NJpPpjfUlFj-VD5onsO4otRqOAi1tG_eVXGZMsYLWVngsMzq6YjkYfQ0fvpZ0mmr_O5guZXUkpma4SCrt1JpyDN5OSjpoXFRvdk41LkjlwP1WZd-Hshf1-W5eYHsBLAqp6kh-aeVveP5jmntrNJD2sKJQHqcgM_C5uktI3dFyfPqmycDkUMhWjdC7lVxDCrPAjRYoKak_G43dhl6f1aJ5m6AJP3sAbOpC1IsPCeB-Ih0fqtpQeTtILpARxfW18U0eVL9HuSlIsWn4ArGrbG1i1E4pBT9I-k229QgUy1Gy3EAMBZUXIIb6ixq_zzi-GDr43P-z_z2YOpZ-nR0Qu_O5MoESxtYAPvn1tWKAHnnLFhk9hDvOSb3MYiP9LiFAyQvEPmigIgRU_Ba7LqEZwCj4DUFnJcaoY6i5Nszee4mpxB7doYnlBfW2cBw8A1duFEX5&sai=AMfl-YQpFznxLlK-jHuj0s-dJlt1bU7S9NpWxpqrcKXI2zsSClsVuYuyaTACFqB__8tzB3TWHCsSzwhmKoOBsNSDpzgjoDgtSF4NEqnmeMjNBAJX6nV-YULEdIXU_Eifl7ruFmtAe6lqjlaqshRDf0JQKZi1xvUjTR3uDHtZweTPvVcDWCqm308HUQpRNcaoWkB5LtFVyflWkfpQ8tgqRdSb_4xsd3Seu9IcBPDaayv7335NyntI5KYtCoZioQ0T6hOYg7DTqWpD_fcsICkIyIG-bRe6oAjmU0uLFva_v_QLfwo-a8jsp7wH7v-sHIcY79SF3lUAep3fh0hsjaQGSA4aVldlFIvxVTomVPgLTsHoCgkJgmUP-2s904lHasW666fW3W9hi3uy4lw5gFFbbUNiEyymKts6JeYgECUCTNtw&sig=Cg0ArKJSzH39sknOyWQCEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tb3VzZXIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=69&cbvp=1&cstd=63&cisv=r20231207.34552&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 09:11:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B879
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOxxgjKtkOhGPtwHfRRcY0&google_cver=1

43 B
105 B

29ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOxxgjKtkOhGPtwHfRRcY0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEJ_18b0CGPCVhbQBMAE&v=APEucNWr8oE-1uPIiC5RM8QY_DRE9cRs1Im1eOHV-huhkFJr7EymibNxS7Iw3RUpdrGJTTKBhZK-GZwUYAVxxcA2LPXkeGVSRWjxf4qfgZtpRtx-VhMtaa9xqdTW3sBWixcDtfQlWIuK88DjQTmPr6dikQOFZ1iQ8FbRk04wqZKci1KbRFNnHjE
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOxxgjKtkOhGPtwHfRRcY0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame B879 43 B
122 B 39ms
29ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEJ_18b0CGPCVhbQBMAE&v=APEucNWr8oE-1uPIiC5RM8QY_DRE9cRs1Im1eOHV-huhkFJr7EymibNxS7Iw3RUpdrGJTTKBhZK-GZwUYAVxxcA2LPXkeGVSRWjxf4qfgZtpRtx-VhMtaa9xqdTW3sBWixcDtfQlWIuK88DjQTmPr6dikQOFZ1iQ8FbRk04wqZKci1KbRFNnHjE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame B879
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELgE0VwF_tmkG0Z2sqdhL2c&google_cver=1

23 B
163 B

195ms
87ms

Image
image/gif

2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELgE0VwF_tmkG0Z2sqdhL2c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEJ_18b0CGPCVhbQBMAE&v=APEucNWr8oE-1uPIiC5RM8QY_DRE9cRs1Im1eOHV-huhkFJr7EymibNxS7Iw3RUpdrGJTTKBhZK-GZwUYAVxxcA2LPXkeGVSRWjxf4qfgZtpRtx-VhMtaa9xqdTW3sBWixcDtfQlWIuK88DjQTmPr6dikQOFZ1iQ8FbRk04wqZKci1KbRFNnHjE
Protocol: H2
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 12 Dec 2023 09:11:48 GMT
pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESELgE0VwF_tmkG0Z2sqdhL2c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame B879 23 B
163 B 236ms
84ms Image
image/gif 2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEJ_18b0CGPCVhbQBMAE&v=APEucNWr8oE-1uPIiC5RM8QY_DRE9cRs1Im1eOHV-huhkFJr7EymibNxS7Iw3RUpdrGJTTKBhZK-GZwUYAVxxcA2LPXkeGVSRWjxf4qfgZtpRtx-VhMtaa9xqdTW3sBWixcDtfQlWIuK88DjQTmPr6dikQOFZ1iQ8FbRk04wqZKci1KbRFNnHjE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 12 Dec 2023 09:11:48 GMT
pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E0A6 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 21:30:24 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 240E 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 21:30:24 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 55 B
105 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 02:13:45 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 731 B
271 B 44ms
41ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30872
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 00:37:16 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 24 B
80 B 43ms
40ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54197
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 18:08:31 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 281 B
195 B 41ms
38ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 20:47:38 GMT

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 26 B
81 B 37ms
34ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42024
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 21:31:24 GMT

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 157 B
193 B 38ms
35ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 03:18:55 GMT
x-content-type-options: nosniff
age: 21173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 03:18:55 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 20 KB
6 KB 50ms
47ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:23:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42502
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6276
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 21:23:26 GMT

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 400 B
312 B 47ms
45ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69300
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 13:56:48 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 3 KB
1 KB 50ms
48ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 09:03:14 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 8 KB
3 KB 48ms
46ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1199
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3191
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 08:51:49 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 3FBA 118 KB
40 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 04:12:33 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 13 KB
4 KB 46ms
44ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4481
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 08:52:46 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 5 KB
2 KB 45ms
44ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2014
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 20:44:19 GMT

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 1 KB
627 B 55ms
54ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 590
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 16:55:53 GMT

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 7 KB
3 KB 44ms
43ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2823
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 09:02:16 GMT

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 3 KB
1 KB 58ms
57ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1356
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 21:53:25 GMT

GET
H3 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 3 KB
1 KB 57ms
56ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1293
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 09:05:18 GMT

GET
H3 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 5 KB
2 KB 56ms
54ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297191
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2351
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:38:37 GMT

GET
H3 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/1134040588244736890/ Frame 3FBA 23 KB
9 KB 56ms
55ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1134040588244736890/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9229
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:23:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 17:28:16 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame FB89 0
0 67ms
60ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvsorzEE6ifXKGRhr08M_mp9h5ZVHpZDOckwXYZXpTpSaAcdCytuJiyONM9IL80KzQE53YidychzsByATYRyU73R-En_th3B5JNg-R8qg8LneiWfOlqq-FKD6p1nfSowyFoJ_4D3UWDOgcFF_uHol29eHJYHQc6tXol-LpeOU2uIYj_yoXnkBWajanBn68zJdyfV5Liyi4DfDrOcq8N2KBVI4wbNnpuZvowm_hxYM0GLPRqFY6JSd0vB8O4zqw8A8DyUgWDQuSkEGh-_T76WkiUT7D56BcBAaHEpvxY2BzrUq_3eq3GsX4A6AoWlOE23OiQ4PhQeanFjvqBjJWqoYnN46dDntBzJGikgngdmdoFUqHL3IcoC9iWp46kkvTLK_w85FG7kKYr_oRPY4I1f1P8pEkXAfH5oi6WjANERIkU90F5MWem1ucJAwltoTPcPFKj7OozBZ6lMHeMxQdUqVvsTdvKJuHh72lX3DEpCnmgCAzWMv0zCZ6hgOjmhr4bxtu8BpUb7ve_Iv0-a6G9X0Q_Cb4tsBD5ZoQUKy5dKyiv9VOCEDwkyYIMuo2Xi8cEMZrENlw3aotVg8m3rjv8IMEzzTfivtEYfsDfjchPa5SDGPjFeiSOB0UBQLIreNKcu6VK3lN6a0twqODSTM4ZXr0Kdux10iUyYS-z4263P184QBSJ2zuykE00MmP_b2gjPorVwC3d6RWPzyu9NvfMBH1c7M0gNovg1hVk2yyRU7OO3a4ZD7gkhwVxEbszX2urjqt8bucoR7XdFZPN-wJJz0_MFWdS22derLdR2kCbc3v5GFpGj6haN-UhNFF7miTLkQw1zmCkQIeYVhm2q9o148ZcO9aQl82p_wSgX2akbf1TAHhh9lAMTSgIvqy0XqbPo5c6bAZCbPDYS-_ORejJdVVnsEGQri5rc_lx3py8ocCu2XQZvhChhqZwDEzeRsYf10JJIlj6MRwwX5c8RaegZRWKluvCoyN78kmzhcJPa1KhXHPXgvHY540u1nzHGV7YVZ0e2PvJptL1-AMdgtPm4_SYNJ4sC21Pxvlmtwko9Pu4SodsDvSKH_pkk0sF-R1aRnjqvJcAFEUMKsZIaNV3c6m-auQ_yWMCLy0W_NRLZiqhPyO91UmeoI3NJpPpjfUlFj-VD5onsO4otRqOAi1tG_eVXGZMsYLWVngsMzq6YjkYfQ0fvpZ0mmr_O5guZXUkpma4SCrt1JpyDN5OSjpoXFRvdk41LkjlwP1WZd-Hshf1-W5eYHsBLAqp6kh-aeVveP5jmntrNJD2sKJQHqcgM_C5uktI3dFyfPqmycDkUMhWjdC7lVxDCrPAjRYoKak_G43dhl6f1aJ5m6AJP3sAbOpC1IsPCeB-Ih0fqtpQeTtILpARxfW18U0eVL9HuSlIsWn4ArGrbG1i1E4pBT9I-k229QgUy1Gy3EAMBZUXIIb6ixq_zzi-GDr43P-z_z2YOpZ-nR0Qu_O5MoESxtYAPvn1tWKAHnnLFhk9hDvOSb3MYiP9LiFAyQvEPmigIgRU_Ba7LqEZwCj4DUFnJcaoY6i5Nszee4mpxB7doYnlBfW2cBw8A1duFEX5&sai=AMfl-YQpFznxLlK-jHuj0s-dJlt1bU7S9NpWxpqrcKXI2zsSClsVuYuyaTACFqB__8tzB3TWHCsSzwhmKoOBsNSDpzgjoDgtSF4NEqnmeMjNBAJX6nV-YULEdIXU_Eifl7ruFmtAe6lqjlaqshRDf0JQKZi1xvUjTR3uDHtZweTPvVcDWCqm308HUQpRNcaoWkB5LtFVyflWkfpQ8tgqRdSb_4xsd3Seu9IcBPDaayv7335NyntI5KYtCoZioQ0T6hOYg7DTqWpD_fcsICkIyIG-bRe6oAjmU0uLFva_v_QLfwo-a8jsp7wH7v-sHIcY79SF3lUAep3fh0hsjaQGSA4aVldlFIvxVTomVPgLTsHoCgkJgmUP-2s904lHasW666fW3W9hi3uy4lw5gFFbbUNiEyymKts6JeYgECUCTNtw&sig=Cg0ArKJSzH39sknOyWQCEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tb3VzZXIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=205&vt=11&dtpt=136&dett=3&cstd=63&cisv=r20231207.34552&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3FBA 7 KB
6 KB 65ms
64ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aba5db49e3818a4e1b8adaa03a7d33aeca9db393edfa3c093df03140ee078109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5742
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 240E 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BKAt70yN4ZfKwNujn1PIPxrebQAAAAAA4AeAEAg&bg=!HxylHFPNAAY3kmNgF5I7ADQBe5WfODphaR42c3V97G6CE-dUNuhp8snS-Rdk04YLvoM5fyY860GT2VoaxuwwWee0y7M8AgAAAIBSAAAAAmgBB5kDTXl-i8Km_EWCTVFRJpF_b3zPWpYnj-wsDUix7FfmEkFfmaotYyxD1MvkBa32-AQFjh6FhIlb3mUJyGgNzkdTmoF2i05saX-hrd6q17Nh6cr1m0ZD3AIbgXinqC-PjiyqhrjW0zMcN2-HsrWvwlZBoms3A0wvk2yTVEbNa84mOvwvuuRrjbx7rReKfmFxAJjLVaMNPiVIxSYUoIrlGIdfREDkRG2aoML5sbV1QMy8eIpPlhPOaFNmquB00MxZAgk8O085ClXyMbGXAvVtjilPbV0SIrwVQQUkIIdCbQCLCh5i__5w8pgF0y2Vg0D0U-4jYsovQVUHdQdZfZRWcKwgevT2xo2BbxzE4KlsMSdrwojZb7q3yjJBAoQydvxkeGb6fgC-L1_89ti8V_eQTH50_NXACNABhVXeSE9uc5ZQfELDdn4npxf0l_w1IEwRDN6fYYkPDX5oeEgekSzSd75vG9SwXWd_7RsxBfiLt_2p2OgLsZxlX3m-smC7owzq3bKHSOxfgZ95fQWW0ksk0ir9V47LYgrT3JRKMxwcOdHisgV9zZUDrRuaYERysrfit1XepaJ4KU4VDW_IcC5_KqOJDNGvyB4NRHhEW-p6ciyqaPKNJRta6g2b98a1ay3QUe3xqRMSzU0j1Ac1FpmX2mFUnEZQRm-uSUDUmKr64_dp2s9VBmBcJtvy_Qklj2zdaRspCWxKNkRwgIDUGXZlHQvqvMM_XmxYI-6VvKVvsJxXNPwWmZnYquRxLhOVRtuKNA8rRP-Kdv-RI_q1M21AUwsRmtJcKHlGvjCDR061FWUhK_x1_BrY_TftRY4_ZUapHNRrfiDDk00NNAlJuwoQibTkPBQ1-7vX50UKhiV5Q7WI0_OpTNQaX-hKef_YRvDmPNwS2qpn-cf24kcILFXZFo7XoR_Fv9-X_FVvgp8jldLEMQchIBB_HxK3JmRGcxqK4ztPByXeM-1a-aEbqrBwy6hFHLhboSEUxnvZ7fdl9OdV4uz_dB1c0KDmUVWeJ4eMXXPQexOiBWGfg80kvweoLwaL2NRu5MQ3_HHlLkAeJ0RxuspjGzgXonj8QN0bFgXv-LxMI1YN_DacXmKCoKatUBEMLdRtZmUOlkvBh5UNW1cc

Requested by

Host: 3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3FBA 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 09:11:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0A6 0
20 B 62ms
58ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B3fSA0yN4ZfGwNujn1PIPxrebQAAAAAA4AeAEAg&bg=!bG-lbyDNAAY3kmNgF5I7ADQBe5WfOHsJapII33ukd4D8vqsU-KJW0lxFV7XZ8IqmhF9DYt1AxgTf7d0kUP-Q8occJnIAAgAAAKNSAAAAAWgBBwoAKcsi224iLIfEcrSvS0dwEfZBaZn5Y5dEKyiUIzWmkg4cVfJxOhid0B4HmQM3i-jc4kfgWu0xjkK2fg_FziOE9qPjBZ6FveS4hZqIFnlxw6pb_aBV97-_lxJG3kSTbUaOp8_dWz-n4GxOSmCLPDW0WZ8rC6vI7pv5fW6uk0AP_tmZ2puQv-qh8HlEYXQVF9NIO9lrk95829tz_rB661JLbBfyPp3hP1ilwP218uAiGaqTDN3Xaca-4FnbNeg8DpNd9PLSNj1_lm7Cz3CDcaT5e2t1rU-C1m2Z2IbPDeldNRvtXnSei8TmNdhyLKhJwmUn8Iq8Zy4e7ppYX3F-4dKhyWaoQDEf3HPE-EEscEM_MIysQN1JeZfQea8nEjjBXzd-ydX29cinLAy-IQfujf1aEa1X6_58i4kDAlmFBvoANPZOScztj6BLF3YD06T3x3XvTTjXflKNRNXp1eV0ueD0bBklJTZHxpuM7VYzGIjkc6xXPLnpxpzmMiqP0q6kAY6V3E_Cvw95RQRHMZNwKnSiBjdey_NmoKHkO5mpSJ8v7s-gi-QXcy2cb-35AZNsepWKkyGtCXxFMOq-EiS-LS1HTtcC9_dQMVPaXyMyWpq1rsYVUmtqj1Z2jMG8MVwgX8q3-CJlP5ceiZljEdMN4FxwAgCfx-goI1Q0zow7sz_p2c7rfb7Q7Ke2VgvLJIQv4TTC-2_s6vCvafPkVLXnEEhT4r3prt0XACifQkYoefoiojdJYv6so5pM4Ui-aRZB0fnm8n-cBm6bJzJh-VoUXouxm43-hPhxK3fbfr3I5DtpNAJtHN3VfO10qf752GDdsdaWimRXMc8g9_6MWyIbTok9lzPBjjLHCtpwMG8Ks1py8ZeGoJXens8YE793Dh7JFrfwQLdvc48FcpsgUZvfIV9oti_VKC2UYPu-QeH5cE_e5TkH6vAMtEXJUZUbYhv2v8X_0ndrgRIC2oGIAtpfrjCACZDmki8Z6PDrJO6CaqS8jDYdbayhxL8cLdUfY9HDHvwv3cGHxpGwIeOD5Lf0dJ5aJ0u7cK8POvZvwKB-Lwq0ofHHRkS2izqIdzzhQhCd08A-HjQyNAN58AfBa1HgLEbClX4aM8kSpncsoiomUMS4PzGQ1aXGef3yZFT13h6D08tnlmHXGA

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 32834824_20210909153323200_new-in-stock-angles-de.svg
s0.2mdn.net/ads/richmedia/studio/32834824/ Frame 3FBA 2 KB
891 B 23ms
23ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/32834824/32834824_20210909153323200_new-in-stock-angles-de.svg

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41947949348419f17c54bc7c518befd832ad2c98ccf0f23157ae94b2a97ad78a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 854
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 14:25:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 09:05:08 GMT

GET
H3 200 silicon-labs.png_1639565348670_silicon-labs.png
s0.2mdn.net/dynamic/2/10863983/www.mouser.com/images/suppliers/logos/ Frame 3FBA 2 KB
2 KB 22ms
21ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10863983/www.mouser.com/images/suppliers/logos/silicon-labs.png_1639565348670_silicon-labs.png

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f30b6cf7e38d549ab1764b3bbf4566fde5c858543e2b31e76dccc0f6a48dbf03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:41:22 GMT
x-content-type-options: nosniff
age: 275426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 10:49:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:41:22 GMT

GET
H3 200 157824687.png-v=070223.0431_1696237910092_157824687.png
s0.2mdn.net/dynamic/2/10863983/eu.mouser.com/images/marketingid/2022/img/ Frame 3FBA 134 KB
134 KB 24ms
24ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10863983/eu.mouser.com/images/marketingid/2022/img/157824687.png-v=070223.0431_1696237910092_157824687.png

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5efc9153a41a74564ab2ce2a718ba194e61665c658fe713de5e84af9a2e521ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:10:13 GMT
x-content-type-options: nosniff
age: 18095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137085
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 09:12:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 04:10:13 GMT

GET
H3 200 32834824_20210413154808441_consumer-300x250.jpg
s0.2mdn.net/ads/richmedia/studio/32834824/ Frame 3FBA 36 KB
36 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/32834824/32834824_20210413154808441_consumer-300x250.jpg

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c0e02d26abfbb1ded0acb72295d249694a4cc262bd87c3938299292789f5c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:47:00 GMT
x-content-type-options: nosniff
age: 41088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36911
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 22:48:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 21:47:00 GMT

GET
DATA 200
OK truncated
/ Frame 3FBA 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 silicon-labs.png_1639565348670_silicon-labs.png
s0.2mdn.net/dynamic/2/10863983/www.mouser.com/images/suppliers/logos/ Frame 3FBA 2 KB
2 KB 25ms
25ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10863983/www.mouser.com/images/suppliers/logos/silicon-labs.png_1639565348670_silicon-labs.png

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f30b6cf7e38d549ab1764b3bbf4566fde5c858543e2b31e76dccc0f6a48dbf03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:41:22 GMT
x-content-type-options: nosniff
age: 275426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 10:49:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:41:22 GMT

GET
H3 200 32834824_20210909153323200_new-in-stock-angles-de.svg
s0.2mdn.net/ads/richmedia/studio/32834824/ Frame 3FBA 2 KB
891 B 26ms
26ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/32834824/32834824_20210909153323200_new-in-stock-angles-de.svg

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41947949348419f17c54bc7c518befd832ad2c98ccf0f23157ae94b2a97ad78a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 854
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 14:25:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 09:05:08 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CA0 39 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 21:30:24 GMT

GET
H3 200 157824687.png-v=070223.0431_1696237910092_157824687.png
s0.2mdn.net/dynamic/2/10863983/eu.mouser.com/images/marketingid/2022/img/ Frame 3FBA 134 KB
134 KB 21ms
20ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10863983/eu.mouser.com/images/marketingid/2022/img/157824687.png-v=070223.0431_1696237910092_157824687.png

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5efc9153a41a74564ab2ce2a718ba194e61665c658fe713de5e84af9a2e521ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1134040588244736890/index.html?e=69&leftOffset=0&topOffset=0&c=S7Y1EoBVdI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:10:13 GMT
x-content-type-options: nosniff
age: 18095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137085
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 09:12:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 04:10:13 GMT

GET
H2 200 dcl.htm Show response
rt3062.infolinks.com/action/ 0
60 B 141ms
141ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3062.infolinks.com/action/dcl.htm?rid=7e9b647d-554c-4ea0-a5e1-e4deef2f7a96&prod_t=h&sdata=dream&bdc=1&midx=0&capara=%7B%22ve%22%3A%22mrc50%22%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8344d7952c8091ed-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 6586 900 B
817 B 42ms
31ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: db0b1ac1f8f187fb865114b1c44694d609d7236db2479b9bf54a3d47b7f48ff2

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 510
content-type: text/html
date: Tue, 12 Dec 2023 09:11:50 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 26AD 0
0 36ms
36ms Document
text/plain 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=11277942
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Tue, 12 Dec 2023 09:11:50 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap4ams1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6586 43 B
236 B 79ms
27ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:50 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 975568f3-82ed-a1a0-45d2-17c319c4d69e
pr-bh.ybp.yahoo.com/sync/openx/ Frame 6586 43 B
601 B 49ms
48ms Image
image/gif 2a05:d018:d29:3605:2964:2b9e:c1c9:93f0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/975568f3-82ed-a1a0-45d2-17c319c4d69e?gdpr=0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:2964:2b9e:c1c9:93f0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 6586 43 B
146 B 80ms
23ms Image
image/gif 3.120.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=openx
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.65.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-65-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 6586
Redirect Chain

https://creativecdn.com/cm-notify?pi=openx&gdpr=0
https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1
https://us-u.openx.net/w/1.0/sd?id=537073053&val=Oin8Qmz1LAa4qyy2nMeMLVc1bay9pWLqrBtZLFyTw5I&pi=openx&gdpr=0&tc=1

43 B
61 B

32ms
32ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073053&val=Oin8Qmz1LAa4qyy2nMeMLVc1bay9pWLqrBtZLFyTw5I&pi=openx&gdpr=0&tc=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073053&val=Oin8Qmz1LAa4qyy2nMeMLVc1bay9pWLqrBtZLFyTw5I&pi=openx&gdpr=0&tc=1
pragma: no-cache
date: Tue, 12 Dec 2023 09:11:50 GMT, Tue, 12 Dec 2023 09:11:50 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 6586
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=mqWPW56j3FWBo41RlKOVBZyijlGB9ItUmaQ89C3m

43 B
61 B

31ms
31ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=mqWPW56j3FWBo41RlKOVBZyijlGB9ItUmaQ89C3m
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=mqWPW56j3FWBo41RlKOVBZyijlGB9ItUmaQ89C3m
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 6586
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4017155514660130551

43 B
61 B

30ms
30ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4017155514660130551
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4017155514660130551
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 6586
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=5b4472ca-0eeb-8813-b40b-83a18ea0d037
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=5b4472ca-0eeb-8813-b40b-83a18ea0d037&dcc=t

43 B
568 B

45ms
45ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=5b4472ca-0eeb-8813-b40b-83a18ea0d037&dcc=t

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 09:11:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XGFNCV5194FTVJFP0YAW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 09:11:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BBE25BJFYS0NHMV582MS
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=5b4472ca-0eeb-8813-b40b-83a18ea0d037&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 6586 70 B
149 B 142ms
45ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=03920eb7-1241-33e9-7405-0136e6931bd7&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:11:50 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 6586 170 B
188 B 36ms
35ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmZmZGRkN2QtZGIzNi02ZDRkLTYxZTUtNWI4ZjJjNzFkNWI3

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6586
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOxxgjKtkOhGPtwHfRRcY0&google_cver=1

43 B
97 B

30ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOxxgjKtkOhGPtwHfRRcY0&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 09:11:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELOxxgjKtkOhGPtwHfRRcY0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
uintacountyherald.com/	1970-01-20 16:52:59	Name: XSRF-TOKEN Value: eyJpdiI6Ik96dFVPUHBOWkFZN1JZWSswS3hNUUE9PSIsInZhbHVlIjoiTXlydThrV1JsZDFWbno5WUNCOE1Dbmp3WHVmM3lXZldhNmk3UGlHVTZseUc5cFpUUk9vY3U5dGxIaGtHSG9McTJmN1BpXC9zUlpuTW5KbUxaaHVTcWpRPT0iLCJtYWMiOiJiMDcwYzIzMGI2ZTIyNTJiOTI2ZjQ3YTZhOTg0ZTk5MDA4MzJkZjlhYmQ1MGZlNDliNTAzMTFjY2EyMWQ4ZWM4In0%3D
uintacountyherald.com/	1970-01-20 16:52:59	Name: laravel_session Value: eyJpdiI6IkdnR3p1Y2VoQjlqUFp2dm9EeUNaRUE9PSIsInZhbHVlIjoiVWJiZ1pNQ0tzWjducDJPM0paVVNqNWtLbUZFbElKbnlNcExvZ0RjeDF5bHhONWhDOFBLSlF3djJjVUtsbVpMSVV5cnJHa2hSaWVcLzI0RDk2dk1iZTVnPT0iLCJtYWMiOiJjY2FkZjExYWRmMzMwMzBlNDY0NWY2NjRkYjU5OTJlOWY5ODhhN2IwNTZkYzZhOTE2YWY2MjczOGI2ZTcxYmZmIn0%3D
uintacountyherald.com/	1970-01-21 01:38:28	Name: flipp-uid Value: 608fe090-ab5f-4dd4-b4aa-7e5e1a6c81fe
.p.flipp.com/	1970-01-21 02:28:52	Name: gid Value: "Ph427gAEPw2wmZ4+CNandw=="
uintacountyherald.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: a9763a8e-4c9a-45d4-b833-0728007ea1be
.uintacountyherald.com/	1970-01-21 02:28:52	Name: _ga Value: GA1.2.1437240365.1702372305
.uintacountyherald.com/	1970-01-20 16:54:18	Name: _gid Value: GA1.2.210403132.1702372306
.uintacountyherald.com/	1970-01-20 16:52:52	Name: _gat Value: 1
.infolinks.com/	1970-01-21 02:28:52	Name: cuid Value: 91ccf37a-d9e4-4cf4-9523-06e2ac389cba
uintacountyherald.com/	1970-01-20 17:36:04	Name: _pbjs_userid_consent_data Value: 3524755945110770
.uintacountyherald.com/	1970-01-20 16:52:54	Name: _hjFirstSeen Value: 1
.uintacountyherald.com/	1970-01-20 16:52:54	Name: _hjIncludedInSessionSample_467830 Value: 1
.uintacountyherald.com/	1970-01-20 16:52:54	Name: _hjSession_467830 Value: eyJpZCI6ImI0Y2FlYjRjLTk0MTUtNDlmZC04NDk5LTA3YjY2YzdlNjY2NCIsImNyZWF0ZWQiOjE3MDIzNzIzMDU3NjgsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0=
.uintacountyherald.com/	1970-01-21 01:38:28	Name: _hjSessionUser_467830 Value: eyJpZCI6IjgwYWJiYzViLWFkN2ItNWRhYS04NmUwLWUzZTg2NjQ3MDZjYSIsImNyZWF0ZWQiOjE3MDIzNzIzMDU3NjgsImV4aXN0aW5nIjp0cnVlfQ==
.uintacountyherald.com/	1970-01-20 16:52:54	Name: _hjAbsoluteSessionInProgress Value: 0
.uintacountyherald.com/	1970-01-21 02:28:52	Name: _ga_J19JFGRKPN Value: GS1.2.1702372305.1.0.1702372305.60.0.0
.uintacountyherald.com/	1970-01-21 02:14:28	Name: __gads Value: ID=63017a558788a582:T=1702372305:RT=1702372305:S=ALNI_MaI-7pStYkKeupuLlJsOpNrEbim6A
.uintacountyherald.com/	1970-01-21 02:14:28	Name: __gpi Value: UID=00000d13d41a618e:T=1702372305:RT=1702372305:S=ALNI_MbUt99KBZ4JmtCTofoBT5vRdjjO8w
.doubleclick.net/	1970-01-21 02:14:28	Name: IDE Value: AHWqTUnrfE1xW0mT-eNkJ-z7x4BBQpstrGNOf0a63iYrXDqrSDU01RY6Na_tXluL
.doubleclick.net/	1970-01-20 21:12:04	Name: APC Value: AfxxVi7GlIAJjdgM7SIbaDOpYujmPJ7rOvjpU1VYuci8ppGvHaaU6Q
.casalemedia.com/	1970-01-20 19:02:28	Name: CMPS Value: 5247
.adnxs.com/	1970-01-20 19:02:28	Name: uuid2 Value: 3568041644866255842
.casalemedia.com/	1970-01-21 01:38:28	Name: CMID Value: ZXgj0g89.YoPDRU4Ak0tZQAA
.casalemedia.com/	1970-01-20 19:02:28	Name: CMPRO Value: 5247
.bing.com/	1970-01-21 02:14:28	Name: MUID Value: 12C4D38DEB31674200A3C068EAF1666C
.openx.net/	1970-01-21 01:38:28	Name: i Value: d03e31ee-bbc6-0c1e-2ed3-c9de82b4282a\|1702372306
.lijit.com/	1970-01-21 01:38:28	Name: ljt_reader Value: HztHsBZHJG08-6W0S9icn8_r
.go.sonobi.com/	1970-01-20 17:36:04	Name: __uis Value: d40d74a3-4838-47c4-8c12-a791a1247ba1
.go.sonobi.com/	1970-01-20 16:54:18	Name: _usd_uintacountyherald.com Value: e1967baf-bf11-44d8-a01a-6ba8dc67829f
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86113\|ZXgj1
uintacountyherald.com/	1970-01-20 16:54:18	Name: _hjShownFeedbackMessage Value: true
.adfarm1.adition.com/	1970-01-20 19:02:28	Name: UserID1 Value: 7311633388486064283
.ctnsnet.com/	1970-01-21 01:38:28	Name: gid_CAESENIo_nbioqzP6SIf3swJXbw Value: 1
.ctnsnet.com/	1970-01-21 01:38:28	Name: cid_0d929d8599604c2197624f3f258b122a Value: 1
pixel.rubiconproject.com/	1970-01-20 19:02:28	Name: receive-cookie-deprecation Value: 1
.turn.com/	1970-01-20 21:12:04	Name: uid Value: 8156750532361358834
.adnxs.com/	1970-01-20 19:02:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUax8<$D!A#Ev.TOKKnyW<U1`VROYQM-:ZolMNAO2ti:<XGZ><wwFJ0):eE$V51ny$4x<QG=%9sk@3@'s>T0TrRC
.1rx.io/	1970-01-21 01:38:28	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0c725fe9-dda5-4110-9d42-fbad4c2f0555-003%22%7D
.yahoo.com/	1970-01-21 01:38:49	Name: A3 Value: d=AQABBNQjeGUCEO7v7s3l6DgIKlitDm_O-tAFEgEBAQF1eWWCZQAAAAAA_eMAAA&S=AQAAAlR3B2LgMxpyyHbfXMFE6R8
.targeting.unrulymedia.com/	1970-01-21 01:38:28	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0c725fe9-dda5-4110-9d42-fbad4c2f0555-003%22%7D
.tribalfusion.com/	1970-01-20 19:02:28	Name: ANON_ID Value: a6ntuJMZaAC7pqGpS6Lsb1nBBhHh47lX3oTyniB5OUVytruZcsoD5GyoSijSlCc0r88w9wo0sV48QEwZb0rqiGW7ZdK3
.openx.net/	1970-01-20 17:14:28	Name: pd Value: v2\|1702372310\|mOgesLwkgqn0vNvQiygu
.quantserve.com/	1970-01-20 19:02:28	Name: d Value: EPIBDAHSKoqsMA
.quantserve.com/	1970-01-21 02:23:06	Name: mc Value: 657823d6-35283-f0262-d3754
.creativecdn.com/	1970-01-21 01:38:28	Name: u Value: blEXQQWqIw1R7rVE25B9
.creativecdn.com/	1970-01-21 01:38:28	Name: g Value: blEXQQWqIw1R7rVE25B9_1702372310228
.creativecdn.com/	1970-01-21 01:38:28	Name: ts Value: 1702372310
.adform.net/	1970-01-20 17:37:30	Name: C Value: 1
.adform.net/	1970-01-20 18:19:16	Name: uid Value: 4017155514660130551

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://uintacountyherald.com/(Line 370) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=1393686;place=0;rnd=1393686;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://uintacountyherald.com/(Line 370) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=1393686;place=0;rnd=1393686;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://idsync.rlcdn.com/712559.gif?partner_uid=608fe090-ab5f-4dd4-b4aa-7e5e1a6c81fe Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=1393686;place=0;rnd=1393686;click=CLICK_MACRO_PLACEHOLDER(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://embed.sendtonews.com/player2/embedcode.php?fk=Be6nXXXs&cid=12385&SIZE=400&floatwidth=400, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=1393686;place=0;rnd=1393686;click=CLICK_MACRO_PLACEHOLDER(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://embed.sendtonews.com/player2/embedcode.php?fk=Be6nXXXs&cid=12385&SIZE=400&floatwidth=400, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3470ffd9ffaa44284744f42823d243c8.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ads.empowerlocal.co
ads.eu.criteo.com
ads.pubmatic.com
adsdk.microsoft.com
ams3-ib.adnxs.com
ap.lijit.com
apex.go.sonobi.com
assets.revcontent.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn-gateflipp.flippback.com
cdn.adnxs.com
cdn.ads-flipp.com
cdn.confiant-integrations.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
creativecdn.com
csm.eu.criteo.net
d2zqfs55y95cft.cloudfront.net
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
embed.sendtonews.com
embedcdn.sendtonews.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.revcontent.com
img.revcontent.com
japfg-trending-content.appspot.com
japfg-trending-content.uc.r.appspot.com
justapinch-com-d.openx.net
lh3.googleusercontent.com
match.adsrvr.org
p.flipp.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
resources.infolinks.com
router.infolinks.com
rt3062.infolinks.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
servedbyadbutler.com
ssbsync.smartadserver.com
static.adsafeprotected.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
trends.revcontent.com
uintacountyherald.com
us-u.openx.net
www.americanhometownmedia.com
www.bing.com
www.civicscience.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.justapinch.com
x.bidswitch.net
yeet.revcontent.com
108.138.26.67
13.32.27.107
130.211.10.17
142.250.181.230
142.250.186.34
142.250.186.98
15.197.193.217
151.101.129.108
172.64.151.101
172.66.42.247
178.250.1.6
178.250.1.9
18.66.122.107
18.66.147.37
18.66.97.21
18.66.97.37
18.66.97.40
18.66.97.86
185.184.8.90
185.245.80.231
185.64.190.78
185.86.138.154
185.89.211.116
2.19.217.101
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
216.52.2.86
23.35.236.201
2600:1f13:800:7781:4c95:14f6:d804:9c3f
2600:9000:211e:ee00:1b:5138:8a40:93a1
2600:9000:223f:5000:8:48e:53c0:93a1
2600:9000:223f:9000:f:c7b3:ce40:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3036::ac43:9f0b
2606:4700:4400::ac40:90a6
2606:4700::6812:18ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:808::2006
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2014
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2014
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:26f0:3500:1b::1724:a388
2a02:fa8:8806:12::1370
2a04:4e42::649
2a05:d018:d29:3605:2964:2b9e:c1c9:93f0
3.120.65.116
34.120.58.62
34.98.64.218
35.186.193.173
35.186.253.211
35.244.159.8
35.244.174.68
37.157.3.26
46.228.174.117
51.81.49.106
52.5.81.46
52.95.122.74
69.166.1.64
69.173.144.139
85.114.159.118
99.81.22.6
99.81.36.123
99.86.4.45
010a3b1f5e73f1dc215c8c9a32321caa8e7aafa195c0c4de983f124fc232898b
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
06827a14761ece907961a2dedebe66ddaa89a18f875b94db92c4f2acf5b7f6aa
07eed7e0100bca5e615f4cbd4297204902d38b0470dbf0fc78687c354c16a115
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a0c0f2eab4ab555fda1adc9789b6c3f8994f47c4fc8367940f434380577a44f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
0ff5bc4080805d1b92cd893311a3109e7eba4494af0aad0e9c3fd79f25d974a6
0ffa8ac36afcb4a48e7bea32b73f4095a9c8d28abe49ecfa0d0672b2cd17ef6b
107121045a7853e68204b1a3d59ff54da0161a5e601fbb7977e964f4c9105031
14392c9baa0d1e691f861f1bfa0cda3caf6d3080edfabda0a2c276dfa13f2afe
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
165bd05213ac704b1be23b1b003d7705012895a042fdfc5db90854f650c328c5
19f017b060eef42c6c184a49c2293ba61282cf67189da8025a13dd7dd680e588
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
1c7a64ef7927a72ad708b7e637fe15660ce2886926662417cc58cc7b1d4fc9d2
1db8c53ee0e575d1e93966f42fcda4eb87e03d7387600572faa04d4d70376ff2
1e226cc1abaf97dc0a3568826d4ef13238d494ddfa8c6135e89ea5cf84bab5c5
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
21cfed7eb47b3b9d993cf5a71b4feb6e45c17a34e5355f197deb015ff7d877f2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26d33e72c9fcc8a54a5b8a6f59f3298f2341abde08fb70388d9652fae0b497f0
28a6827168832144d10572c3da10d3ce930b08edc1f9bba1e9331ca912a7d577
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2c197e10ab4b9f3cfb6f31085993312740efd57f642aefe8322e258b5e684d10
2e3b078c8f7318477d6d4503856a0fb5daa1e6af3df55a394924a5d15b882ffa
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
31dbbbb5c30a712330adbc2b972672b647b5d529b61f80e41db287ad4e22b38d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
345d7f62fae57b4ea1390b5b380a1cc3676b8d9b0f6dd679772b839edc2cb159
3611b1c58c65cae7bf3747990d6eabae2d7aa206988f10d2f4815b4b93031c82
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
382a13bf8432a44234c9cc301025e75242b82886e5dd343372274d362b5f2922
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3b8fa8b43b862ae61674cc4349b4c16215be1fd78641bbc9948489645d572f36
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d9cdeec92af3510ba5623fc29801ffa6697763283efbeda8c5448487f9fc626
41947949348419f17c54bc7c518befd832ad2c98ccf0f23157ae94b2a97ad78a
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1b618b508d6e2c3ab4c4d98feeddfdb66e6d87d9dcfd88097f1d85480c3af0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4fe986bb5e7933e555c614aa80c43bbd465c0e73919f40c10bf9343a3e90b91e
50e372c4006f72fce6d43dbf0304aa4c286dc8a967463b556c7f52bee289f634
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
523a9533f11df3058a5b0b01a77e91f3e6ad122daa14d874082fa906aaabe484
53095f32e39fb8b46ee7b22995892f54054d91d9d900eb0c4071819710c3ff30
53203ef7d7c97068a4425546fc8797acbc7e61d7e3df6cd8379dab5c2b1a845f
54752dcb83c99b17958a23016c9e151717cc669ae78cc983af844a1e2cfa6c94
547e07fc2263ec5546de4561390cfed1f130ae18b87024d66e7f08ddd9f60d95
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66
571e6ef5f0f42035a8258727dca3280f7cbec5a1dc22fc452abd9c88166b14fa
583b1034e6df59146ec6c6e05ddc9b38d73571e315472d407da48ff2244ded9b
5862220784f844113ad16eedf12743d614552bace6a760c4a1e4e457b952d9db
5990b713fd1f8f91c3bcc47c544217e4cbe8d460b0f4a007ffe8e22bc88963ff
59ddf97f6e2d2c730808590edffb1c8caf4569dc1f10eb24c374e445911e6841
5b6467920c3cb7305dc9c65ee037741d13bd2290b4ef2836a1f3366879e78b2a
5ec2b063aaafc7a907573cc7f484d1af72cbbea98b8b5ea4980bf016f45c9e74
5efc9153a41a74564ab2ce2a718ba194e61665c658fe713de5e84af9a2e521ea
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6784fa025fddf97da46fae5dbeaf7ec8a275ff78d9252cbbe57ef639592d2443
67ecb26f1d423b7350dded024f258fc8bb9147b6b5b9d20271f587990b23d414
686fedba9281ed039405add4650b1d3b0a659d5720a7b88047d6f4c440028099
68947e9ddb590b11f6c1250e1080ff031fb91fddae5b9d41eb307a20ae306e64
69bd2df73c3c16a1a57407663d6598ffe1a349461a214c5e2aa816cb0fbcff44
6b020ee43746d3f2faa3c575f6755f7ad3eff09235f116d215fba44e12ae6dfc
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6dc0f708a097cd14fb166d1c3c4924cc5e284daf736d1d273080cc30ae6cb559
6e9008b75bae2d9bf3cb46fdf073f01b96d33d1c6e3b2c017a09dea5fb52fcd1
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71d84ac0536673843ec232ff0f73fd42a9b85638c452455aed825c350dc7871b
72311de052bfd96ef38559c81b625ca11bd5d4cc47a927c326b95aedad11aa1e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72d0e968a2bc13b2b3af3a39d1aa6f240e37b3054feaf1ca31b18399974111fb
72d74a19116607e044b3d2e3aa67475da4791c0f5e38a1545fc3a8ea58fdb2d4
74c4c3c6ea166e0cdd60068430fa1891c1a752dc0e35245e9e5568a515d7121c
76ee0961e6fc5fe6be30f86e379b24c011ada622f43d9bf323548cc656d6cb28
77ec5c81993e8de7cbd15ba2a0ac46136b8c8fb1a2e9756096e071447c83296f
7b45d475ee6b590b808c3dc84f553ed8563336a652f797b6550f769023a71f57
829731dcdf08025f3d898c8c3a68acb42b0496dcdd8fc61f85ec5dbbf6a69b02
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
830d898d934130a45af1c5cb362bacc74be0edff8ada096b4df52dcc89e9a7d4
8474f9e1881168604c01e39f4d19582013103892de0ea195c5dbf0c41a5b5611
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
86b51f39bdbd41f0399476d7e3bae8f4a516870ba0f004d4a264eca6bfa1329c
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
8ba114696bb1932207fa410dca8526f9731c04088f7075893ca679792c5866dc
8c0e02d26abfbb1ded0acb72295d249694a4cc262bd87c3938299292789f5c97
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90f752b0821d04bce989bd779e382a967eb5801454c97c073c549d0b17cb2127
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
92ad632cbc67af32998d9b07a4af5420b47efee300c76f67861816ba98a5070e
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
95f42e706886029be7805a13172287841692f15f50c30412979eb21a0c6e6ec0
96686edc68a7fc4fc7f466756ce58388ae0341888aa5a1484da538700bebeb9f
977f1afcfa3cca65301bdd18357f8a34ed8a5d119480930ad6c3dbe76062cd95
98a2fbbfdf666c4b875ed5d04436b77dc3890b85788f085967b51bb0305bbee8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b87c52e78b851beab16105b18621ba47bb611088c525003b25a412781695835
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9f52ed32d6b3e2f23b1bcc7703d257a9b015a9d5c2471757a3371b010786ca45
9fb72c620a6d9a6e53264edb38b2c8182181bc81b6a4b1c6554c75525feedd6b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2592b93b5f78c6fea9afe7755e9c68ce5a4497f7f6f508339bb4f78a0bced38
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a688d9d2a0809d848b6879524e5048bb07a91c0c3199666713b2c10e281332bb
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7af0542a2e6a0940e024304d26faf12616b3453df692de1d38ea1729bc4bd7d
aba5db49e3818a4e1b8adaa03a7d33aeca9db393edfa3c093df03140ee078109
ad20339e327b45e5d8474685ecaf49b8e1a13cbd594b30995925babc631db34c
aed7464375c3cabfd9777c4bb2528694491da75f6b357b14ebd391536b2a457b
aee7c632c02ac451df0647052ad27ffd67024a5517f0fcdc5a94bcbe2b848865
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b3793f1f30ddbc4854cafbf2b9bc37f21c9e6e16b5b87c5607c9f20f9bd77d
b32f5e6df197223f5ccba3786d782416b62d4d23600231122565e17f0487cb35
b41eaede202328cb31b62ef15ba289d329227d8c8c30531e5414249b9de2015c
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
bc769cbab72e02795d48add141147ffc0503831975c3f684e766c024083e5e27
beaccc653c47d03c7afbc10a2ae03f6daeb78e15094aa18067533d2d4b4a3bf2
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c7a8f3ff2b3866e14052dae0c6a44361293b8e58c6c08c01d1ba689a8e602ea2
c86dcd89671c80c395e7ba0543de4959828856f8c7c2ac9ad20f70c3686219f9
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c95f140839c18088ff96195a640b3840f7106958d5975b492637127859557824
c9a1d391df4326adc68083643132875ce7d1a1c8cfd5123c004ca46c9130f191
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1a2da045d78c4ed73d71581e1607e7ea958d598ff919dfb7fb72d53fb18b43e
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d5b91b74c3adc2d12f3ca42eeb69a8c59adac9f59e9fdf30d62504d1be9835f7
d6cbc6e0c356ead580f680048e3925fb5d55b31ac9dc3eab2ef79cf0a433b219
d9ffbfce8a9c05aa23dc51cf3fb62a1617618787d1cc6b31b87736333d05775e
da7b599273a74227a467362f10d63114e96a3bf464f218fc0639112d753ea263
db0b1ac1f8f187fb865114b1c44694d609d7236db2479b9bf54a3d47b7f48ff2
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e13d6d6121bd85d046a6aeeffefc46f84fde31adf55e8d940db7bd6508618d16
e24159ce6f12ce65b60f7351b064567ef38f17a12b44cb7301665afa469cef62
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422414f4aa493e470ee85b8142cd51142f661603337694399421cf87db670f0
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61982666f8e828ba57941c43933eb441d35a92113c597d977c236e846b4463b
e62ffe5291d4fd957b67bb146926504229d1f9a7137190a1783ce615b4f15fa7
e79c36587b5dfab7dd7648e2dbb7844e8ab3c95f8f52ea7f86f8049d913da628
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb74bc6b392209ac043bfd102e03cf213ab9fad17ea2b85eb12fe7286e9546c2
ece864356b2a5fcc81af5663854530d87ebcb622acea8cc5a95bd7a64449ed3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f113d6b3b4aee5e8116cddd5fc375f5b2a582dcad71da858675115fc05975a3f
f24262a92091012067009368f31d2024399a63aba5b0ace5320f286520b0d270
f30b6cf7e38d549ab1764b3bbf4566fde5c858543e2b31e76dccc0f6a48dbf03
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
fad08488ab9bdf68897a3a6eeb699584c94d259cf814b1f81a330964852f0274
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe541d5a8862d0ee4f0ae66b9b3c5640d3131f0e2551608fd78a9b92f4cf48c1
fe7c3ea250ba6973d0af67cd79aadeaa2fca0f78776d5616d03b0679d2704a47
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

uintacountyherald.com Open in urlscan Pro 2606:4700:3036::ac43:9f0b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

345 Requests

92 %HTTPS

45 %IPv6

58 Domains

91 Subdomains

73 IPs

10 Countries

14255 kBTransfer

21286 kBSize

49 Cookies

12 Outgoing links

Page URL History

Redirected requests

345 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

uintacountyherald.com Open in urlscan Pro
2606:4700:3036::ac43:9f0b Public Scan

Screenshot
Live screenshot

Full Image

345
Requests

92 %
HTTPS

45 %
IPv6

58
Domains

91
Subdomains

73
IPs

10
Countries

14255 kB
Transfer

21286 kB
Size

49
Cookies

345 HTTP transactions
7 data transactions