uintacountyherald.com Open in urlscan Pro
2606:4700:3035::6815:3136 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.uintacountyherald.com/
Effective URL:
https://uintacountyherald.com/
Submission: On November 29 via api (November 29th 2023, 5:21:13 pm UTC) from LU — Scanned from DE

Summary HTTP 362 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 98 IPs in 11 countries across 69 domains to perform 362 HTTP transactions. The main IP is 2606:4700:3035::6815:3136, located in United States and belongs to CLOUDFLARENET, US. The main domain is uintacountyherald.com.
TLS certificate: Issued by GTS CA 1P5 on October 30th 2023. Valid for: 3 months.

This is the only time uintacountyherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	2606:4700:303... 2606:4700:3035::6815:3136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
3	99.84.88.88 99.84.88.88	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	108.138.36.71 108.138.36.71	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::2014	15169 (GOOGLE) (GOOGLE)
1 4	3.230.202.53 3.230.202.53	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:20c... 2600:9000:20c3:e800:f:c7b3:ce40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	51.81.49.106 51.81.49.106	16276 (OVH) (OVH)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 6	108.138.36.51 108.138.36.51	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	130.211.10.17 130.211.10.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	18.66.192.39 18.66.192.39	16509 (AMAZON-02) (AMAZON-02)
1	23.213.164.238 23.213.164.238	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	162.55.246.61 162.55.246.61	24940 (HETZNER-AS) (HETZNER-AS)
1	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
38	108.138.36.126 108.138.36.126	16509 (AMAZON-02) (AMAZON-02)
3	108.138.37.209 108.138.37.209	16509 (AMAZON-02) (AMAZON-02)
8	44.193.179.92 44.193.179.92	14618 (AMAZON-AES) (AMAZON-AES)
2	18.173.187.21 18.173.187.21	16509 (AMAZON-02) (AMAZON-02)
8	54.76.85.248 54.76.85.248	16509 (AMAZON-02) (AMAZON-02)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.202.199.100 34.202.199.100	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
1	108.138.36.117 108.138.36.117	16509 (AMAZON-02) (AMAZON-02)
1	18.173.187.56 18.173.187.56	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.173.154.13 18.173.154.13	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	18.173.191.32 18.173.191.32	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:46::44 2620:1ec:46::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a39c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.213.164.226 23.213.164.226	16625 (AKAMAI-AS) (AKAMAI-AS)
19	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:26d... 2600:9000:26db:2800:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.101 99.84.88.101	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2014	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:90a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 22	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
5 10	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.59.93.26 52.59.93.26	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.173.154.71 18.173.154.71	16509 (AMAZON-02) (AMAZON-02)
4	99.84.88.15 99.84.88.15	16509 (AMAZON-02) (AMAZON-02)
3	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.58.62 34.120.58.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
5	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
4	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
8	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	69.166.1.64 69.166.1.64	27630 (AS-XFERNET) (AS-XFERNET)
2 3	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	23.212.218.19 23.212.218.19	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4002:c05::5e	15169 (GOOGLE) (GOOGLE)
1	99.84.88.85 99.84.88.85	16509 (AMAZON-02) (AMAZON-02)
1	3.11.123.127 3.11.123.127	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1	108.138.36.15 108.138.36.15	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.69 108.138.36.69	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	35.177.10.97 35.177.10.97	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 5	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.101.90.99 141.101.90.99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.52.120.246 23.52.120.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d018:d29... 2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe	16509 (AMAZON-02) (AMAZON-02)
1	35.157.195.10 35.157.195.10	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1 2	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
362	98

32 2606:4700:3035::6815:3136 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.uintacountyherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uintacountyherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.88.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-88.muc50.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ads-flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.36.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-71.muc50.r.cloudfront.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

japfg-trending-content.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.230.202.53 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-202-53.compute-1.amazonaws.com

www.civicscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:e800:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2zqfs55y95cft.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.81.49.106 (United States)

ASN16276 (OVH, FR)
PTR: ns1002533.ip-51-81-49.us

ads.empowerlocal.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.36.51 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-51.muc50.r.cloudfront.net

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embedcdn.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.10.17 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.10.211.130.bc.googleusercontent.com

www.justapinch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-39.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.246.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.61.246.55.162.clients.your-server.de

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 108.138.36.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-126.muc50.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 44.193.179.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-179-92.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.187.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-21.muc50.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.76.85.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-85-248.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.199.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-199-100.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-117.muc50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-56.muc50.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.154.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-13.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.191.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-191-32.muc50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:1b::1724:a39c (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.164.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-226.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26db:2800:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-101.muc50.r.cloudfront.net

img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

japfg-trending-content.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.162 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.36.155 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.52 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.93.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-93-26.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-71.muc50.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.88.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-15.muc50.r.cloudfront.net

images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com

www.americanhometownmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal900024.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

justapinch-com-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.64 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.218.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4002:c05::5e (Atlanta, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-85.muc50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.123.127 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-123-127.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-15.muc50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-69.muc50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.177.10.97 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-10-97.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.228 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.99 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.195.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-195-10.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.222.140 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	319 KB
42	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 pubads.g.doubleclick.net — Cisco Umbrella Rank: 401 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 154836	296 KB
39	cloudfront.net d2zqfs55y95cft.cloudfront.net d29xw9s9x32j3w.cloudfront.net	2 MB
32	uintacountyherald.com 1 redirects www.uintacountyherald.com uintacountyherald.com	11 MB
17	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 7382 trends.revcontent.com — Cisco Umbrella Rank: 2528 img.revcontent.com — Cisco Umbrella Rank: 10265 images.revcontent.com — Cisco Umbrella Rank: 8685 yeet.revcontent.com — Cisco Umbrella Rank: 8368	160 KB
15	sendtonews.com 1 redirects embed.sendtonews.com — Cisco Umbrella Rank: 13101 embedcdn.sendtonews.com — Cisco Umbrella Rank: 15065 s2l.sendtonews.com — Cisco Umbrella Rank: 12990 player.sendtonews.com — Cisco Umbrella Rank: 14920	395 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	750 KB
11	openx.net justapinch-com-d.openx.net — Cisco Umbrella Rank: 50162 rtb.openx.net — Cisco Umbrella Rank: 695 us-u.openx.net — Cisco Umbrella Rank: 522 eu-u.openx.net — Cisco Umbrella Rank: 2753	2 KB
10	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 htlb.casalemedia.com — Cisco Umbrella Rank: 511 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	6 KB
10	adnxs.com 3 redirects cdn.adnxs.com — Cisco Umbrella Rank: 1682 ib.adnxs.com — Cisco Umbrella Rank: 246 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903	34 KB
10	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 49	225 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38186 hal900024.redintelligence.net — Cisco Umbrella Rank: 218079	227 KB
8	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890	72 KB
7	gstatic.com fonts.gstatic.com csi.gstatic.com	221 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 447	371 KB
6	rubiconproject.com 2 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776 pixel.rubiconproject.com — Cisco Umbrella Rank: 376 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	16 KB
6	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 9174 data.ad-score.com — Cisco Umbrella Rank: 8743	181 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040 adservice.google.com — Cisco Umbrella Rank: 105	2 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 599	3 KB
5	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 6655 router.infolinks.com — Cisco Umbrella Rank: 2919	60 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	285 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	106 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	286 KB
4	civicscience.com 1 redirects www.civicscience.com — Cisco Umbrella Rank: 5437	626 B
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 30616 api.webgains.io — Cisco Umbrella Rank: 91573	19 KB
3	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 44040	2 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 66	15 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1601 a.ad.gt — Cisco Umbrella Rank: 1844	4 KB
3	empowerlocal.co ads.empowerlocal.co — Cisco Umbrella Rank: 66526	14 KB
3	appspot.com japfg-trending-content.uc.r.appspot.com — Cisco Umbrella Rank: 98841 japfg-trending-content.appspot.com — Cisco Umbrella Rank: 56343	6 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 592	899 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1403	326 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 795	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	207 B
2	media01.eu pb.media01.eu — Cisco Umbrella Rank: 74479	810 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 792	169 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1481	113 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	574 B
2	flipp.com p.flipp.com — Cisco Umbrella Rank: 13096
2	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1383 lexicon.33across.com — Cisco Umbrella Rank: 1497	4 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	25 KB
2	servedbyadbutler.com servedbyadbutler.com — Cisco Umbrella Rank: 13820	27 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 415 api.rlcdn.com — Cisco Umbrella Rank: 957	462 B
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 534 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502	67 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 12760	111 KB
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	493 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	604 B
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 146086	609 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 107304	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 62639	2 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	299 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18131	705 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 217997	923 B
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1987	915 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 683	532 B
1	americanhometownmedia.com www.americanhometownmedia.com — Cisco Umbrella Rank: 67403	103 KB
1	undertone.com hb.undertone.com — Cisco Umbrella Rank: 3825	522 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 572	547 B
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4948	36 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1779	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155	17 KB
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 5530	235 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 674	11 KB
1	ads-flipp.com cdn.ads-flipp.com — Cisco Umbrella Rank: 33470	548 B
1	justapinch.com www.justapinch.com — Cisco Umbrella Rank: 65755	22 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	75 KB
362	69

	Domain	Requested by
38	d29xw9s9x32j3w.cloudfront.net	uintacountyherald.com cdnjs.cloudflare.com embed.sendtonews.com
31	uintacountyherald.com	uintacountyherald.com
27	pagead2.googlesyndication.com	imasdk.googleapis.com 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com uintacountyherald.com s0.2mdn.net securepubads.g.doubleclick.net
22	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com eu-u.openx.net
19	tpc.googlesyndication.com	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com uintacountyherald.com s0.2mdn.net securepubads.g.doubleclick.net
12	s0.2mdn.net	imasdk.googleapis.com 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com uintacountyherald.com s0.2mdn.net
10	lh3.googleusercontent.com	uintacountyherald.com
8	s2l.sendtonews.com	embed.sendtonews.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	3 redirects googleads.g.doubleclick.net embed.sendtonews.com
5	us-u.openx.net	googleads.g.doubleclick.net eu-u.openx.net
5	c1.adform.net	5 redirects
5	ad.doubleclick.net	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com uintacountyherald.com
5	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	embed.sendtonews.com	1 redirects uintacountyherald.com embed.sendtonews.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net uintacountyherald.com 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	uintacountyherald.com 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
5	fonts.googleapis.com	uintacountyherald.com embed.sendtonews.com client hal900024.redintelligence.net
4	yeet.revcontent.com	assets.revcontent.com
4	hal900024.redintelligence.net	1 redirects 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com hal900024.redintelligence.net
4	hal9000.redintelligence.net	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com hal900024.redintelligence.net
4	images.revcontent.com	uintacountyherald.com
4	googleads.g.doubleclick.net	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	www.google.com	uintacountyherald.com 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com tpc.googlesyndication.com
4	trends.revcontent.com	assets.revcontent.com
4	www.googletagmanager.com	uintacountyherald.com www.google-analytics.com adv.office-partner.de www.googletagmanager.com
4	www.civicscience.com	1 redirects www.civicscience.com
4	assets.revcontent.com	uintacountyherald.com assets.revcontent.com
3	rtb.openx.net	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com eu-u.openx.net
3	pv.medialead.de	2 redirects hal900024.redintelligence.net
3	ams3-ib.adnxs.com	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com cdn.adnxs.com
3	data.ad-score.com	js.ad-score.com
3	js.ad-score.com	assets.revcontent.com js.ad-score.com
3	www.bing.com	1 redirects 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
3	script.hotjar.com	static.hotjar.com script.hotjar.com uintacountyherald.com
3	router.infolinks.com	resources.infolinks.com
3	c.amazon-adsystem.com	embed.sendtonews.com c.amazon-adsystem.com
3	ads.empowerlocal.co	uintacountyherald.com ads.empowerlocal.co
2	aax-eu.amazon-adsystem.com	1 redirects eu-u.openx.net
2	creativecdn.com	2 redirects
2	eu-u.openx.net	www.americanhometownmedia.com eu-u.openx.net
2	eus.rubiconproject.com	embed.sendtonews.com eus.rubiconproject.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	um.simpli.fi	2 redirects
2	dclk-match.dotomi.com	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
2	api.webgains.io	analytics.webgains.io
2	5994599.fls.doubleclick.net	1 redirects 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
2	csi.gstatic.com	imasdk.googleapis.com
2	pb.media01.eu	hal900024.redintelligence.net 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
2	targeting.unrulymedia.com	embed.sendtonews.com
2	cdn.confiant-integrations.net	www.googletagmanager.com cdn.confiant-integrations.net
2	japfg-trending-content.appspot.com	uintacountyherald.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	pubads.g.doubleclick.net	embed.sendtonews.com imasdk.googleapis.com
2	www.google.de	uintacountyherald.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	match.adsrvr.org	js-sec.indexww.com eu-u.openx.net
2	p.flipp.com	cdn-gateflipp.flippback.com
2	imasdk.googleapis.com	embed.sendtonews.com imasdk.googleapis.com
2	cdnjs.cloudflare.com	embed.sendtonews.com
2	servedbyadbutler.com	ads.empowerlocal.co uintacountyherald.com
2	www.google-analytics.com	uintacountyherald.com www.google-analytics.com
2	resources.infolinks.com	uintacountyherald.com
2	cdn-gateflipp.flippback.com	uintacountyherald.com
1	cms.quantserve.com	1 redirects
1	x.bidswitch.net	eu-u.openx.net
1	pr-bh.ybp.yahoo.com	eu-u.openx.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	portal.o2online.de	uintacountyherald.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
1	sb.scorecardresearch.com	uintacountyherald.com
1	www.awin1.com	hal900024.redintelligence.net
1	adv.office-partner.de	hal900024.redintelligence.net
1	apex.go.sonobi.com	www.americanhometownmedia.com
1	justapinch-com-d.openx.net	www.americanhometownmedia.com
1	ap.lijit.com	www.americanhometownmedia.com
1	a.ad.gt	cdn.hadronid.net
1	www.americanhometownmedia.com	uintacountyherald.com
1	htlb.casalemedia.com	embed.sendtonews.com
1	hb.undertone.com	embed.sendtonews.com
1	hbopenbid.pubmatic.com	embed.sendtonews.com
1	tlx.3lift.com	embed.sendtonews.com
1	prebid-server.rubiconproject.com	embed.sendtonews.com
1	img.revcontent.com	uintacountyherald.com
1	cdn.adnxs.com	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
1	adsdk.microsoft.com	31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
1	cdn.hadronid.net	uintacountyherald.com
1	secure.cdn.fastclick.net	uintacountyherald.com
1	region1.analytics.google.com	www.googletagmanager.com
1	player.sendtonews.com	embed.sendtonews.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	lexicon.33across.com	cdn-ima.33across.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	cdn-ima.33across.com	embed.sendtonews.com
1	js-sec.indexww.com	embed.sendtonews.com
1	cdn.ads-flipp.com	cdn-gateflipp.flippback.com
1	idsync.rlcdn.com	uintacountyherald.com
1	ads.pubmatic.com	assets.revcontent.com
1	static.hotjar.com	uintacountyherald.com
1	www.justapinch.com	uintacountyherald.com
1	embedcdn.sendtonews.com	uintacountyherald.com
1	d2zqfs55y95cft.cloudfront.net	uintacountyherald.com
1	japfg-trending-content.uc.r.appspot.com	uintacountyherald.com
1	code.jquery.com	uintacountyherald.com
1	www.uintacountyherald.com	1 redirects
362	113

This site contains links to these domains. Also see Links.

Domain
smeagol.revcontent.com
facebook.com
twitter.com
japfg-trending-content.appspot.com
www.justapinch.com
servedbyadbutler.com

Subject Issuer	Validity	Valid
uintacountyherald.com GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
flippback.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-15` - `2024-05-14`	a year	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-03` - `2024-01-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sendtonews.com Amazon RSA 2048 M02	`2023-10-22` - `2024-11-19`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
justapinch.com Go Daddy Secure Certificate Authority - G2	`2023-04-18` - `2024-05-19`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.civicscience.com Amazon RSA 2048 M02	`2023-04-04` - `2024-05-03`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.sendtonews.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-16`	a year	crt.sh
flipp.com Amazon RSA 2048 M01	`2023-07-31` - `2024-08-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
rkdms.com Amazon RSA 2048 M03	`2023-10-04` - `2024-11-01`	a year	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-11-27` - `2024-02-25`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.undertone.com Amazon RSA 2048 M02	`2023-08-03` - `2024-08-30`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
www.americanhometownmedia.com Go Daddy Secure Certificate Authority - G2	`2023-05-14` - `2024-06-14`	a year	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
pv.medialead.de R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
portal.o2online.de E1	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://uintacountyherald.com/
Frame ID: 402EE83CC7B7214210EDEF30616584B9
Requests: 171 HTTP requests in this frame

Frame: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A0F47F785F6A36595C88E053BC4997AB
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: B8BA063F102398EBD21EED00B3F8A559
Requests: 33 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3305933&wsid=0&pdom=uintacountyherald.com&purl=https%3A%2F%2Fuintacountyherald.com%2F
Frame ID: 50B3A25C32407980C8E42D1BCEA3B024
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: E33A74407D591BCC99C0806EB07B68D2
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EEEAB83D5BDFE6BC2FFB9C78896EBB34
Requests: 1 HTTP requests in this frame

Frame: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3E20B24B7CD61C210F9F87015ACCDC77
Requests: 14 HTTP requests in this frame

Frame: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 24DFDA3D5AF33B0BD9B4A82FF0CEC46F
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNVhMBKS8JgW3odGsexPROmFEuMAwROiTaEm-Kb_Flk0P4JNye-av4xxbUVxAtIGLOuGDNJw4Ul-DhLUTPM0sJW1O3OKF0jXKq3v1K3QRIusJd2_X5tvVwriBPTfAEcq5NM1BBeo4U7DKKzKAquqWmAMbL-lahu9J2tvqIZaqgPHs4MAnaA
Frame ID: A1B19ABBBBC1DD070B3202B5E691F1A1
Requests: 5 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?v=d54c666&pid=1000177
Frame ID: 77CCFD23F996C5A4621E9B5A4B142F64
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4D2373AAFDCB2F685B5603B584FDD283
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95830400148260204444978012523024&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 307E1E50E254BD6D2C30ABA4A50E48BB
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 749351C4E0353ACAF4D9DBF28336CA5D
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPiIoZbc6YIDFZFaGQodQlYKtw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6673095701234.604
Frame ID: FE9889E31A040884EDB75F5DF23FBC0A
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=95830400148260204444978012523024&a=065a31b2
Frame ID: 6A907547BAC00D564645808DB845E967
Requests: 8 HTTP requests in this frame

Frame: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 73DD2A9AA88BB95A7D5E586DDB5A3D98
Requests: 13 HTTP requests in this frame

Frame: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AF9DA58608696EDA765F5B669DE0F0FE
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNWpFG3VDmxJpsbVExARbuRBDVf9z3QtVTFidjIKqpNAdhkJWBr997_dJGTf8x6vhBF3laluikoWeS1X8rfh6gsokF5gar36Lce12lsxOJNkYr646U-JLXqmpPT_yIW9cGSePo2ZMZWSIuzWoxEIKNzzg3uP_04EhBDWztl9wdRFfY9BEck
Frame ID: 343BFA9068AD9FC4678EEF0C15DFE5DA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D60CEC594C6BDF8856C4E052A4F62A7B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARimzbP8ATAB&v=APEucNWf_zi3yL2s6YTQzxT2T7Z8ztakHp54OIPaJwz_tJGELySRMlq_vkFiAdRzBE2kd58DVQiELew7WQgJXTpttDj5YFFDs6dTOkkTLFOleXig6vlHpzs2WDHLHChTl9pONv4KTq6LfV3EMWmAYWnbMH3WDQDnUcm95fAaYlw-YcqfUSYQzSo
Frame ID: E70F90A72D219F32BA59C9146941AAC5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 699AEF234818C6871937AC1BC4BB4D60
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 59CDF2A35AD8520C030EFA5EA0F2CA71
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 677362D7E4CF3371DBC6BE52464D8C2E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250
Frame ID: 54C7817493C6073BE9C344DCD99C8F56
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: D1C27556A3F8FE2E88D26D71C76317E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3EF21396D4B01A33600C2981594E859F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0338215FBE03B4467A345CAFAFFA68D5
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FB2AE1DC9B498ECB680484A0D970F92C
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Frame ID: 476E2AFD23BA313B7D22297D48D4C709
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Breaking News from your Local News Source Leader in Evanston, Wyoming | Uinta County Herald

Page URL History Show full URLs

http://www.uintacountyherald.com/ HTTP 302
https://uintacountyherald.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

362
Requests

92 %
HTTPS

34 %
IPv6

69
Domains

113
Subdomains

98
IPs

11
Countries

17338 kB
Transfer

25648 kB
Size

50
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://smeagol.revcontent.com/v3/tdEklZADS1dAcdpKP1rkHQH6HwpYEUfeAj7zT1dE4CYGEoTTFYyZQvK158CnzVAbFWco9ZQbtV39M5WYdLfx2EnI-irpIo8OeywPoqq5myAUIGChiml4_w_IHkJzU-cPaD41uanVCTp58QE9Y6xzH9NJRBJHTb91JCGYqtsSgbUy5gqs101ScbqKJTNQKOqbw310sOqGg-TXvPG9vbUVhQZgOFwBy0UyDQ2z_sXj8ML4wzGdP2hLqowMi2QBB5iQhNSRD7TatWWWW1kqJsVAKSypVHZ46vsBzjOCXZgh_iGVpgRM3mCMUaqz-COhIfZnzqFgqvIP9B6AQ0w23RQb5FjUcVR17QJqFgrQGWX0NMpLpkZqk7o6uqmsveM2rm2zvLjoTmA5P5qKr2ZYkJCOtYpw61y6KTt8-ysfMr95lRJCACyomJPVQkj4HFf_fkgBezP-FY63H9zcgD6hPy8VOrnacjZBpiTnLzLBDrIil3RA0zuMNrGtNrofvKiivHUbKkSbGcbzKDWp5w4Jo3QaTmUi6tFEu9t-30FbXwjzNX1fXUBltMRS83ROJ45WdgXWcaM8k9j01AFNIG2T4W3yjhkefsB1pwVeM_8eJ1bIu0aliFNA1zpkK-eGERa2thGa17EJLoeUO9PYpYpnJJf9iEhQUhaEAUVtLZQuCYYrjeEKYTRP8HXusN_W4Bl4LxNWEcFdd_E_KmXKZhU5XMUoud7skE9M1vtUe4UYUVVDiOpVMWApzXF2M2egIj9tpwh-msSt6tVRh_vRqN4HVk4OkgSv70pEuYmw2VQzGStMZ1FVQgzZAUBwJ-2ysth1kFEuPdH3qJEJviFBkl1RtT4Q6PFNaYmYO-B0SqfcnhH9hqVb23yHAw?p=GgFDMILmnasGOiQzMDU3MGZjNS1kOWIxLTRkNzQtYmU5NS0zODhmMTM4MTc0OWJCJDZlMmQ1M2ZlLTliZWQtNDFmMi1iYWFhLWFlNzBiNzAwYTU2YkoLd2hpZS13YWxrZXJQz-QKWMf1EGIVdWludGFjb3VudHloZXJhbGQuY29tagdkZXNrdG9wkAEB2AGyjvABkQIzMzMzMzPrP6oCDzE3OC4xNjIuMjA5LjEzNuoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Eine Einfache Methode Zur Kniearthrose – Probieren Sie Es AusKnee Osteoarthritis Treatment

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/A9gG3x47ldA1flJkgDmg9mY7usufDOdgRpHLW5mzLdTzSY-wXcgmJLGfommyZOBGGgB9-OopJm9jaxwGOqsX1jDTxq2BTzg-UhqpCa-NngJ1sa9TZKQyFfKU-JK2Orcr8n0tI0Bzlh2dVpW4zSW0INaso1gb4ccnlG4ntv5Vps5v-Jal3Yb-4rtw8tw3iimXbz7BVf0eVmXZ_NeHX4fl5zuYnwIBthAoTAT1jXdCMp096OLFNG1J2MWmFLyKGX1sJNPZlE5WcMQJh7WLM65sw8ivjcoNbWIZa1tP1QBNm9ltpJpn2o2BdS9G5PK1r-j4PIj-ZQQMBd8lLGRHvIwT0xV6BxXBvni1MnddN-2ub-JCECZ_xO0SlOTTb6v-mGfUuWFJU-MiIz58TIQEEEnnFUdZRHqRC9hISU6diIY8s30IPxlZrCg4XlytmBu9Y64PknWqORcDodNv6v1wb2jYgUubYPyQ8dVsNeVr9MMpaWpVrMkZ4wSp6c1-tqF33HKIZD9Qafz6fwg4wn_85Pw2pcqecbZtuF0lXPKVoqN7G47CyTRDmY_oPTw2IOgbJtVPkFJg_NoU5V3YYJ1TczxK9HcQVW52OF2XtLVSgi9RI_1UcIgSlMLROkChRam_dWYr8Q?p=GgFDMILmnasGOiQzMDU3MGZjNS1kOWIxLTRkNzQtYmU5NS0zODhmMTM4MTc0OWJCJDZlMmQ1M2ZlLTliZWQtNDFmMi1iYWFhLWFlNzBiNzAwYTU2YkoLd2hpZS13YWxrZXJQz-QKWMf1EGIVdWludGFjb3VudHloZXJhbGQuY29tagdkZXNrdG9wkAEC2AGyjvABkQIzMzMzMzPrP6oCDzE3OC4xNjIuMjA5LjEzNuoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Steinbach am Taunus Elektroautos Für Rentner: Der Preis Mag überraschenElectric Cars I Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/WWakdvRU7wltnbkbDo6ejYAkQqcoKmFjaiJkIjP6pMWJQQ30Aafr-u2uOxjJ-52xHA_WuLaObVK1YHDA35p7CGa7eeL09bybZArEt1hcpZw6jUv5Q9rFM9-Lkz7gp8ON-fdDWC62CUeZwZJPIsd-_C1KsxnLuHJWrogzOB_kRCDfyCzPnpt-EmsJEFQ1oSLcEQgQiPT4ls288bR0uu-NghOQsSfCukA7R6ZtsUnCK74kWHix2aXGUQ4QoFvcpi7Qu99mMU4k-wTRB7OuKf3-5pSElyFcvpDRk7OQp1qI_u5FC9HP8RCctdLJfLDEMSvKQJfKL3bIv2S2Rbibp1DeLhO5F7SenP-7yTU9VcfomX8dOHf9XAOiJpmb26f6NVy2NOJsNJUyPoQYpAMhJ_HdcXm66RTWpi8nJUMrOt3uYmW-F0DgJLEVmWWY-e0qC3ko1iCQn9MeCi3NNyBJAxgYyCAW0FKwL1l0ph0GgVg5tDD7zsAMWjSV4o7u0W4k-HVLTUYFoFmbyBouzp_W8gR_405VSTIH_mFpty82c370M9EfNo4MOqXLsM9K9v6uJOJB3fnK8jknJ2U2N1flEw4Kg8XOhxkYBpOi-l79WZYxe_gyjdG3J3QODe8v1o2W70zqfT1fe0YSD1MRPQR6ZssjGFsRoecQ5Gdj5hysI7jUyPk3cX7G-JftgLInAsNMitoR8JgJ7lrWGRiBULd_VzeOI8KAhRYIt0z-mOnU_er7Z-PoO8JuAFzv0T_AvX9VMZ68r7cxrcht0bp7ig9xFnqadFriw6Pc456vtuRxZQ?p=GgFDMILmnasGOiQzMDU3MGZjNS1kOWIxLTRkNzQtYmU5NS0zODhmMTM4MTc0OWJCJDZlMmQ1M2ZlLTliZWQtNDFmMi1iYWFhLWFlNzBiNzAwYTU2YkoLd2hpZS13YWxrZXJQz-QKWMf1EGIVdWludGFjb3VudHloZXJhbGQuY29tagdkZXNrdG9wkAED2AGyjvABkQIzMzMzMzPrP6oCDzE3OC4xNjIuMjA5LjEzNuoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Die Revolutionären Treppenlifte Von 2023: Lassen Sie Sich überraschen!Google-Suche | Gesponsert

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/s1A0m-yI7Zb1fq85C8cb3bSvMKKwqHAV96R1rgESUrMjamfPgQv8LBtZovDJ3d1FsYKJKXrBaVDIhYZER1cndPRuLosRm9dj8IV4V8nNsXXsbu7TrFGa6M-XCWmzgj4WsBW7FWsEHjz0ckoqBRl1HmEHhkcy1HwGQJfMlW7Gt5UM1PIJevZpgWTSRhIYk0bhsytmQBnRFsJ31hGUhrSXOwcWf7gKuQ46M2x3322uNdK_qmaqh7OkNrkl_wB7Q34kl2QK7sJMb7fmnwwuK1O6s3KwKA0UVv0msAWPSbznDBTITb-9b8UIGg7ZElt2PaE5L4fR7F3yb3KvW18WyJSW8tbss6Z64cgXDyBOcbyDbTtHwDYiMH9lNpikAkKvr81EMjtulShEldEDnHmoGxbLGaZykzX2Saadn-HSmLWBd63i0HQS_AqpEM4fiqg56_0ZkmH7IjNE-h2ohE-aG1hjqW70uT6IgydJkEh-ObBcdxpWVLKz_yfeB1np4nGGRarTr862Qk9_3qKE0LyJj_vCkaYokTodECrE5EVNnk90duMsGxl5E3LkONT0ld7041rKeKEvnlEGswWZtiKsbrRXx4zZw0Yk5MW8hP3g37Fm?p=GgFDMILmnasGOiQzMDU3MGZjNS1kOWIxLTRkNzQtYmU5NS0zODhmMTM4MTc0OWJCJDZlMmQ1M2ZlLTliZWQtNDFmMi1iYWFhLWFlNzBiNzAwYTU2YkoLd2hpZS13YWxrZXJQz-QKWMf1EGIVdWludGFjb3VudHloZXJhbGQuY29tagdkZXNrdG9wkAEE2AGyjvABkQIzMzMzMzPrP6oCDzE3OC4xNjIuMjA5LjEzNuoCEQoIZ3JheV9pbXASBWZhbHNl
Title: Dies Sind Bäder Einer Neuen Generation. Klicke Um Es Zu SehenBadewannen | Suchanzeigen

Search URL Search Domain Scan URL

URL: https://facebook.com/uintacountyherald

Search URL Search Domain Scan URL

URL: https://twitter.com/uintacoherald

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10236&p=/recipes/main-course/main-course-chicken/asiago-chicken-in-a-white-wine-mushroom.html&s=10000&do=uintacountyherald.com
Title: By Diane A. in PINE MOUNTAIN, GAAsiago Chicken in a White Wine Mushroom Sauce

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10236&p=/recipes/dessert/cake/texas-cowboy-cake.html&s=10000&do=uintacountyherald.com
Title: By Cindy M. in Kingwood, TXTexas Cowboy Cake

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10236&p=/recipes/snack/other-snack/coconut-cocoa-balls.html&s=10000&do=uintacountyherald.com
Title: By Lene F. in Corona, CACoconut Cocoa Balls

Search URL Search Domain Scan URL

URL: https://japfg-trending-content.appspot.com/click-dug.php?a=%2F&f=10236&p=/recipes/side/potatoes/cheesy-mashed-potato-bake-2.html&s=10000&do=uintacountyherald.com
Title: By Ellen C. in Clearwater, FLCheesy Mashed Potato Bake

Search URL Search Domain Scan URL

URL: https://www.justapinch.com/recipes/main-course/main-course-turkey/pizza-stuffed-peppers.html?utm_source=News+Media+Corporation+%28TRX%29&utm_medium=curatorcrowd&utm_campaign=RTDX&utm_content=https%3A%2F%2Fuintacountyherald.com%2F

Search URL Search Domain Scan URL

URL: https://servedbyadbutler.com/redirect.spark?MID=171437&plid=863963&setID=316820&channelID=3471&CID=270089&banID=519647249&PID=0&textadID=0&tc=1&scheduleID=900381&adSize=300x250&mt=1701278466439119&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2Fuintacountyherald.com%2F&hc=74db74789581b9a87297618eca23f059930a3f72&location=

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.uintacountyherald.com/ HTTP 302
https://uintacountyherald.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.civicscience.com/jspoll/4/civicscience-widget.js HTTP 302
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

Request Chain 33

https://embed.sendtonews.com/player2/embedcode.php?fk=Be6nXXXs&cid=12385&SIZE=400&floatwidth=400 HTTP 302
https://embedcdn.sendtonews.com/easy-stn-player/7.27.3/embed.js

Request Chain 159

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3e142b2e-b9ba-428e-b827-eb768da1073f&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=ca4f656d-8299-48b7-8b05-a92bb55cc43c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D54d00a5eb98444a9a78fb69ca1db2927%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7909783&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=7688416705342362334 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=54d00a5eb98444a9a78fb69ca1db2927&SNR=1&GV=2&med=10

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1

Request Chain 186

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGQ2zwI1_J8A8swFX-5e764&google_cver=1

Request Chain 188

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyMzExMjc3NjQyODQxMTYyMQ%3D%3D

Request Chain 219

https://hal900024.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=2b100a9aa3&subid=&uid=2d40f33adb961950&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEZWAnNnZdu9F96hjuwPiIG68AOm5b2gab2YnKfJD_AuEAEgh9vqC2CV8ouCmAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0OOZgezscI_hpGUahTrqMbqbrcMfc3p7YM62cQ8P5E4NEQ9bE6bRT3IkXNLg__oC1fMsLrh6bwkS_0-GgROy4v9xrg9ISgx0kk_rtOyCyl3FThaMO9JvPvXHlSMCRCexCSRrK4k9R6GpsgHslxm0e549d4_Dli1nJOL-4IJRSD1yPnJ0q5I8eitW96mLFFHt3UtUR8kMqcYL3BEDHiognty0UtOdZSBPsgTnnzxe_2IMsBQS048FjOO3PoFiMPq6k0d02xhItq9eoF0SsTIRNhE45iE8hK2EDt6HHgwv-SHiUH5yDzEjLdUFyjs6QrjI--Alz8lMQqW24fMIgYp3-E7i4m4Mx8YetTJDLW8pRwTY5c7E_3vu-s6netClQ1QA9Tfb0z2_wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI-HmpXc6YIDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRF4g0TCN_9mpXc6YIDFd6QgwcdiIAOPrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNf9hJraJQNyvMzWAbM4E9GrNjAEMHzI5jTaHKLWA23IXjuBuOZjjuHwbRELNHblf-PfkN1L8D5HnVz2RXwTVUUXhxOM_9PO4LxgMYAQ%26sig%3DAOD64_2NJAUNVuDsa69UpFU0QGTdFIt3OQ%26client%3Dca-pub-2421836933502242%26dbm_c%3DAKAmf-D8_YMbRYksVf-TnKC44LDEJYo9W22IXRQBcz5c95LAe2MqDwALL6JQGLRC7GutBJekaUDCeQxukCly3VPx2LKblPVPYH_9GjBEeX4N27mrA6L3dExG_7Pu26nR8cnBWjjvFUMjxpHbQvgaSvBykjWQUucJWB2Jmdx3ijQj2hUj5w3OZUs%26cry%3D1%26dbm_d%3DAKAmf-D0vS_javxXf05v29tONtvXieWhaslUamS0L6IeTdQMaXr_mvhPPHIwKq-l3nXa5uf_0Z1svyEygONo235jlWPpuaDQn5P3EdpRAwMoKVIU7GiTdjZJ71XA177PKk_AC4_mhCbYScqKRxpML17_DZeYWWaJtaba_7jfRf6zqH_-36yMJCBwFCyTMOka_U2Z4PCgwlLVC9F83cUYhZuXx6xwjdjDG_1n96O_3GTWEAIKHYmg9srOyxqTN-xnJLVNJL_DCUP_Xi5-m3fKt0mqklIXLUueWHSHJEI9Jw51tbgLszVJ_seMvPQREqALas9RZ9xOHS8YZX7F_Et3EvvQEHukZdZGQyFG64iesXOrsuabaH1UISKr5hqwkd4-PioQOxSZbTx30hGvQg1qaGIFYNhXN1teJOI3xrUkaO5Tgvgy2rtD876Cbxd6f8lZN097e9wc3ElQHIgLc9JpfZLDjKt_fzIReO6ks66SEgCbC7cS6LpaSGsNcbnNSF5sNg1s1xCm0PnlP-AhRpKveRM43h4RwjU9GUewS2jixDj-oU61MNkWiPY%26adurl%3D&documentReferer=https%3A%2F%2Fuintacountyherald.com%2F&ancestorOrigins=https%3A%2F%2Fuintacountyherald.com&random=2536230231512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900024.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=2b100a9aa3&subid=&uid=2d40f33adb961950&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEZWAnNnZdu9F96hjuwPiIG68AOm5b2gab2YnKfJD_AuEAEgh9vqC2CV8ouCmAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0OOZgezscI_hpGUahTrqMbqbrcMfc3p7YM62cQ8P5E4NEQ9bE6bRT3IkXNLg__oC1fMsLrh6bwkS_0-GgROy4v9xrg9ISgx0kk_rtOyCyl3FThaMO9JvPvXHlSMCRCexCSRrK4k9R6GpsgHslxm0e549d4_Dli1nJOL-4IJRSD1yPnJ0q5I8eitW96mLFFHt3UtUR8kMqcYL3BEDHiognty0UtOdZSBPsgTnnzxe_2IMsBQS048FjOO3PoFiMPq6k0d02xhItq9eoF0SsTIRNhE45iE8hK2EDt6HHgwv-SHiUH5yDzEjLdUFyjs6QrjI--Alz8lMQqW24fMIgYp3-E7i4m4Mx8YetTJDLW8pRwTY5c7E_3vu-s6netClQ1QA9Tfb0z2_wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI-HmpXc6YIDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRF4g0TCN_9mpXc6YIDFd6QgwcdiIAOPrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNf9hJraJQNyvMzWAbM4E9GrNjAEMHzI5jTaHKLWA23IXjuBuOZjjuHwbRELNHblf-PfkN1L8D5HnVz2RXwTVUUXhxOM_9PO4LxgMYAQ%26sig%3DAOD64_2NJAUNVuDsa69UpFU0QGTdFIt3OQ%26client%3Dca-pub-2421836933502242%26dbm_c%3DAKAmf-D8_YMbRYksVf-TnKC44LDEJYo9W22IXRQBcz5c95LAe2MqDwALL6JQGLRC7GutBJekaUDCeQxukCly3VPx2LKblPVPYH_9GjBEeX4N27mrA6L3dExG_7Pu26nR8cnBWjjvFUMjxpHbQvgaSvBykjWQUucJWB2Jmdx3ijQj2hUj5w3OZUs%26cry%3D1%26dbm_d%3DAKAmf-D0vS_javxXf05v29tONtvXieWhaslUamS0L6IeTdQMaXr_mvhPPHIwKq-l3nXa5uf_0Z1svyEygONo235jlWPpuaDQn5P3EdpRAwMoKVIU7GiTdjZJ71XA177PKk_AC4_mhCbYScqKRxpML17_DZeYWWaJtaba_7jfRf6zqH_-36yMJCBwFCyTMOka_U2Z4PCgwlLVC9F83cUYhZuXx6xwjdjDG_1n96O_3GTWEAIKHYmg9srOyxqTN-xnJLVNJL_DCUP_Xi5-m3fKt0mqklIXLUueWHSHJEI9Jw51tbgLszVJ_seMvPQREqALas9RZ9xOHS8YZX7F_Et3EvvQEHukZdZGQyFG64iesXOrsuabaH1UISKr5hqwkd4-PioQOxSZbTx30hGvQg1qaGIFYNhXN1teJOI3xrUkaO5Tgvgy2rtD876Cbxd6f8lZN097e9wc3ElQHIgLc9JpfZLDjKt_fzIReO6ks66SEgCbC7cS6LpaSGsNcbnNSF5sNg1s1xCm0PnlP-AhRpKveRM43h4RwjU9GUewS2jixDj-oU61MNkWiPY%26adurl%3D&documentReferer=https%3A%2F%2Fuintacountyherald.com%2F&ancestorOrigins=https%3A%2F%2Fuintacountyherald.com&random=2536230231512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 238

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=95830400148260204444978012523024&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95830400148260204444978012523024&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 240

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=95830400148260204444978012523024&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95830400148260204444978012523024&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 253

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6673095701234.604 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPiIoZbc6YIDFZFaGQodQlYKtw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6673095701234.604

Request Chain 296

https://um.simpli.fi/gp_match?google_gid=CAESEB8qeCkG8ohyALVCbqhjKiw&google_cver=1&google_push=AXcoOmToJy8arWUPNulb2c1FzPhc_Z01zSOjqPTL33gzW_7ivmztpY8xQna5HMDuYJOP3CmkXZ0eFNYzG-b9_zQKYQFhRUc3Vktg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA14A09E16854643B3ACA07474D23E7C&google_push=AXcoOmToJy8arWUPNulb2c1FzPhc_Z01zSOjqPTL33gzW_7ivmztpY8xQna5HMDuYJOP3CmkXZ0eFNYzG-b9_zQKYQFhRUc3Vktg

Request Chain 297

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJUt6-UXLktvYXbUK73EbCE&google_cver=1&google_push=AXcoOmTKuge4FNgzKdYzS4FE7VWtTRooY24ZtUg1OMjuTZk8m7hCZl9zpaH0aLfoSZyLbIUPG1zIdMU4PdFTQxIYBblH49w5JNPmBQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJUt6-UXLktvYXbUK73EbCE&google_cver=1&google_push=AXcoOmTKuge4FNgzKdYzS4FE7VWtTRooY24ZtUg1OMjuTZk8m7hCZl9zpaH0aLfoSZyLbIUPG1zIdMU4PdFTQxIYBblH49w5JNPmBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3OTIzNTM5NjI3ODI1Mjc0OQ&google_push=AXcoOmTKuge4FNgzKdYzS4FE7VWtTRooY24ZtUg1OMjuTZk8m7hCZl9zpaH0aLfoSZyLbIUPG1zIdMU4PdFTQxIYBblH49w5JNPmBQ

Request Chain 299

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDnBXC_PfKE5YNg8_g-p6ms&google_cver=1&google_push=AXcoOmQqxmZ20UtuSNJFs6GIiAph9La9PsSInSPUihMAL59mkvhGRvBbmPJhO7IGvSwazGqhIbYKRk1EWHPHJAWskcHPjN1o1wSstA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLMTlXSFktUy01RldT&google_push=AXcoOmQqxmZ20UtuSNJFs6GIiAph9La9PsSInSPUihMAL59mkvhGRvBbmPJhO7IGvSwazGqhIbYKRk1EWHPHJAWskcHPjN1o1wSstA

Request Chain 300

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_cver=1&google_push=AXcoOmRpr3PuafjyAGLgDb_3twBgDEQ5A_LQLcV4sYmL89wzCuUQi0TuImM_pEzxbVL2WGJZ8En4OwSaEQ2jN5kW3r691ABa3VeqPw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAABKkAAAIB&google_nid=index&google_push=AXcoOmRpr3PuafjyAGLgDb_3twBgDEQ5A_LQLcV4sYmL89wzCuUQi0TuImM_pEzxbVL2WGJZ8En4OwSaEQ2jN5kW3r691ABa3VeqPw

Request Chain 304

https://um.simpli.fi/gp_match?google_gid=CAESEB8qeCkG8ohyALVCbqhjKiw&google_cver=1&google_push=AXcoOmRCWDesXaE_BOk4la7fkzH1XsDlnRf4_QN8cCpG5kn1NLI3bYMP8nXPjvPJK0k0U4VIxCwqdY-Mvke7prVo-wXPeYawcL1n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F2E3F4819D6C4C429C723DE71EA201A0&google_push=AXcoOmRCWDesXaE_BOk4la7fkzH1XsDlnRf4_QN8cCpG5kn1NLI3bYMP8nXPjvPJK0k0U4VIxCwqdY-Mvke7prVo-wXPeYawcL1n

Request Chain 305

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJUt6-UXLktvYXbUK73EbCE&google_cver=1&google_push=AXcoOmSC2tAWBw3wamsoviP9mZ9z21CjcP4PVgHaN6AuIQsdhySiEuvjRSt5V-yAe3chIqYSvtME3_X9uUpKUdLAxk5tICP71Jmu HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJUt6-UXLktvYXbUK73EbCE&google_cver=1&google_push=AXcoOmSC2tAWBw3wamsoviP9mZ9z21CjcP4PVgHaN6AuIQsdhySiEuvjRSt5V-yAe3chIqYSvtME3_X9uUpKUdLAxk5tICP71Jmu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM3Njc0MTM0MDI0MDgzMzA1MQ&google_push=AXcoOmSC2tAWBw3wamsoviP9mZ9z21CjcP4PVgHaN6AuIQsdhySiEuvjRSt5V-yAe3chIqYSvtME3_X9uUpKUdLAxk5tICP71Jmu

Request Chain 307

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDnBXC_PfKE5YNg8_g-p6ms&google_cver=1&google_push=AXcoOmRVaWbChe5yQllhgX35Q93Xar7IKHqwgD2ekP7fkVdnbM-KmgmD1H05u6fNkftUp2GLErQj2w3XO9X5oFvDfR8uKpwUrH95 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLMTlXSFYtSS05WVJD&google_push=AXcoOmRVaWbChe5yQllhgX35Q93Xar7IKHqwgD2ekP7fkVdnbM-KmgmD1H05u6fNkftUp2GLErQj2w3XO9X5oFvDfR8uKpwUrH95

Request Chain 308

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_cver=1&google_push=AXcoOmRW1h0hU9_cgO7kBwcyt3rD9llvAlCUgtzhLRDE1zNYqYr3oE6F2m4Lkk7_SD9SEPGb4mJauouyPO18KrSx365zImBph9De HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAABKkAAAIB&google_nid=index&google_push=AXcoOmRW1h0hU9_cgO7kBwcyt3rD9llvAlCUgtzhLRDE1zNYqYr3oE6F2m4Lkk7_SD9SEPGb4mJauouyPO18KrSx365zImBph9De

Request Chain 313

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1

Request Chain 314

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1

Request Chain 315

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGQ2zwI1_J8A8swFX-5e764&google_cver=1

Request Chain 316

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyMzExMjc3NjQyODQxMTYyMQ%3D%3D

Request Chain 318

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENisnsw1b3FT2vD39YAijvQ&google_cver=1

Request Chain 320

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESECAdPrsj6A5Ykc-38upEQdo&google_cver=1

Request Chain 358

https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073053&val=UV-ofHxJKtuIFl4SY7mn94bYh9EPNybGx58cc51cHYs&pi=openx&gdpr=0&tc=1

Request Chain 359

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=VtyhSVfap0lN3fEaA926GlHb8khN2KZJAtjmFyZi

Request Chain 360

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8179235396278252749

Request Chain 361

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b8cead73-d505-85c2-834c-3ca0ba4978da HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b8cead73-d505-85c2-834c-3ca0ba4978da&dcc=t

Request Chain 364

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENisnsw1b3FT2vD39YAijvQ&google_cver=1

362 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
uintacountyherald.com/
Redirect Chain

http://www.uintacountyherald.com/
https://uintacountyherald.com/

42 KB
12 KB

289ms
246ms

Document
text/html

2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 217c07738e2ac97de6d407dbc3e3f7f7c6d30bbf379cc9d064bec8cffc4e4ed2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82dc8667c8afbbf1-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 29 Nov 2023 17:21:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yT2iSqyTTOeDRyQMuOreEyJGex72zM1WkqDWWfY6y4%2FQsI0OUkiN1P4zNLnCW9PlufRI%2BifKZlJiB7eLSO3c%2FfOT1NW3czIoHhqqKLwJn0%2FX8pNvWlB8l4k1IpB7KHdo27F4rXb1hphX4KmaoFWAlkAJ%2Bwk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 82dc8664386d0c39-AMS
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 29 Nov 2023 17:21:05 GMT
Location: https://uintacountyherald.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2pGKGImY4xY1aebDt9tWvBRiUAac3W3MTy%2BEULBwnEl0NXjBNwyVl388izWeS4nnUVWBZ6QpWJNqJYDGGJrOtuh%2BNpGm9fFuFs75c%2FfS257ZOPSHH9T6Dr1sAvc5jiWzg5GsqARxnyi8GCjGiJZ9328vmlwiqyu"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 80ms
24ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,600italic,800,800italic

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

830d898d934130a45af1c5cb362bacc74be0edff8ada096b4df52dcc89e9a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 17:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 17:21:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 17:21:05 GMT

GET
H2 200 core.css
uintacountyherald.com/css/ 324 KB
56 KB 160ms
159ms Stylesheet
text/css 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/css/core.css
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ff5bc4080805d1b92cd893311a3109e7eba4494af0aad0e9c3fd79f25d974a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 May 2020 13:32:35 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=338565
etag: W/"52a85-5a55f613ddcb4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCbjBR%2FrmEUKO6W6axHbjgSQ2ofKBDpPyiXFyaIaQJHz4Io30gOelco54o9uEqg9OSSbyG131JlpBl4z4HPrNrZ5g0EnSiFcYCaym7UF3lSZNj9uKJwuHHkNGDES97Ql4%2FolacZOpbMsb%2FWVAe%2FIhGt73wY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82dc86695abfbbf1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 frontend.css
uintacountyherald.com/css/ 43 KB
10 KB 140ms
139ms Stylesheet
text/css 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/css/frontend.css
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f52ed32d6b3e2f23b1bcc7703d257a9b015a9d5c2471757a3371b010786ca45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 22 Oct 2023 19:20:01 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=59418
etag: W/"e81a-60852fdfc2915-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEwoTctG3JLpMoAQfiPJGVrz96L8OHoPS92wpemK0RVdhOSoMLmz6MvuAjQ0df611bZz9fgre0vFdI3LqFrS1p1r%2Fuj%2FGXPjW0jFdGyGWKdFZgz53U1zBiFidt8oUwRO0HtXZ%2FoEaNPfCcqt7hc0nMiANvM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82dc86695ac0bbf1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-2.2.4.js Show response
code.jquery.com/ 252 KB
75 KB 33ms
6ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6476261
x-cache: HIT, HIT
content-length: 76245
x-served-by: cache-lga21969-LGA, cache-fra-eddf8230092-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701278466.525925,VS0,VE0
etag: W/"28feccc0-3ee0f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 6556, 54351

GET
H2 200 core.js Show response
uintacountyherald.com/js/ 697 KB
211 KB 167ms
166ms Script
application/javascript 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/js/core.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b41eaede202328cb31b62ef15ba289d329227d8c8c30531e5414249b9de2015c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Jan 2022 18:18:19 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=802892
etag: W/"c404c-5d69457c07ac5-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiO1Xl8ghHTnr8OFGJey0TGCd4sAescAqCq7FFjExUqQRas47ApyYdirRyFD3aCsMYl0bLWj2juxYtMFbTx%2BlZM9fwNmaiNqDMdpQoYoDz5mZJBKq2i4%2BnaQ2XD2w1F5DX2eVahFzalhDWQeH%2BmjuvXiUQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82dc86695ac1bbf1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 frontend.js Show response
uintacountyherald.com/js/ 16 KB
5 KB 141ms
141ms Script
application/javascript 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/js/frontend.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72311de052bfd96ef38559c81b625ca11bd5d4cc47a927c326b95aedad11aa1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 24 Jan 2021 17:26:45 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=37767
etag: W/"9387-5b9a8b9bc5949-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2jIlPkBnbk9Hwb%2Fdwx1YE3P9K50esaEVaOVOqU%2FsBExWzANiWy3Kv91cKH47NMgzoDpi9L%2FibKSQkvFxlGdspkymeY%2B0JNFSoOT5TqbiaROwDaaj86LbMG%2Bpi3SYDa37sZkLMSG9sWchiaQTKskxuOT26U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82dc86695ac3bbf1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 264 KB
55 KB 552ms
515ms Script
application/javascript 99.84.88.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201262363
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-88.muc50.r.cloudfront.net
Software: envoy /
Resource Hash: ddc584d44835ba7b534f2dded52f56d104cb8d8951faed6fde802e4121b970dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
via: 1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: MUC50-C1
vary: Origin,Origin, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-envoy-upstream-service-time: 5
x-amz-cf-id: 0K558k0Un4dQPqtja0O7vRBi2MgUZAlIZiOWRzr8h6nFT5pwHAVd3g==

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 264 KB
55 KB 355ms
317ms Script
application/javascript 99.84.88.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201262364
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-88.muc50.r.cloudfront.net
Software: envoy /
Resource Hash: ddc584d44835ba7b534f2dded52f56d104cb8d8951faed6fde802e4121b970dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
via: 1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: MUC50-C1
vary: Origin,Origin, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-envoy-upstream-service-time: 6
x-amz-cf-id: eEE3f-5yYQueV0g2Wqtdzf5Eaoi-ODVlOlOsQMJfb2vti7J68W85ow==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 91 KB
30 KB 114ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e40a8b2a2714716ecf2920b76b66a999b525844a13239c8bc8764c3656b3e5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30016
x-xss-protection: 0
server: cafe
etag: 564 / 19690 / m202311150101 / config-hash: 3080115608911758694
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:21:05 GMT

GET
H2 200 6b80b3e7c63ef9a362e24abd4f27512e.jpg
uintacountyherald.com/storage/2017/03/ 30 KB
31 KB 144ms
143ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2017/03/6b80b3e7c63ef9a362e24abd4f27512e.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06827a14761ece907961a2dedebe66ddaa89a18f875b94db92c4f2acf5b7f6aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2020 13:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"793b-5a55f45d0146e-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DM3nUvZwOXoaeeipibch6UeW8lweUGD70xNOt0XZHKpe7M18hFH%2Bb30HEPXjuZ29olkpY7lDp0UE2zGpVZPSMMyrT02eo1L3qLCSceJ0urnEElkivsdl0hXckfp4%2FJggx9R2wOxsS2Ah20LEJpg%2Bcf%2BBMoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc86695ac5bbf1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
uintacountyherald.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
10ms Script
application/javascript 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uintacountyherald.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Nov 2023 12:56:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"656491fe-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfz%2FZNi81B2jnW3%2F9p8pUKFMGJxd8YNOg3bqsGT4ln2bvU%2Bu9zB6%2F1BT3socOJ%2BTVnjZuTWLlZfGzmwC6hplk42tQtHSgX9qYiYf9LK8k7Ccg7Y5wU9vjSQn5uvG1%2F2voLz81eBVvMffi7ChhGItSJcajQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 82dc86696ac9bbf1-FRA
expires: Fri, 01 Dec 2023 17:21:05 GMT

GET
H2 200 5e925e72aae527119ae05881f787057d.png
uintacountyherald.com/storage/2023/09/ 36 KB
37 KB 16ms
16ms Image
image/png 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/09/5e925e72aae527119ae05881f787057d.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d59be64a04beed93e3eebbe6cc1bc2be05e6f03e726c59b17264735069549c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Sep 2023 22:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 911
etag: W/"91a6-60687486c463a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35lwVSMgrwRldQVXQqv07eshfsCJOdcz3T7l2Scu1FeIzVy%2F80XHF2DKcBRZbH1j%2BqY2IWmAWBjdT2rCt%2FNiawjweb7UrbdOomokCvQgA6OhxQs06CDT5b8oWWYJhyuasPFopYGFCwCEhEzDKKTf1vOpsAk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 82dc86697af6bbf1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 abc9a1495b19244ed06ca886688a056d.png
uintacountyherald.com/storage/2023/09/ 36 KB
37 KB 147ms
147ms Image
image/png 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/09/abc9a1495b19244ed06ca886688a056d.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d59be64a04beed93e3eebbe6cc1bc2be05e6f03e726c59b17264735069549c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Sep 2023 22:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"91a6-60687486c463a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvTqdmYSI%2BwN%2Fko7pO8Wj9%2BZmxbUqP8FlbqjUWkGyMFRwqizi9rhceR1zWXtch3JDEl1gFI%2BHVH3mE%2BoVSVWkM51gPSGqAI7oZOTeGA8Nl%2BTruGLiVBO77qVUOqa008Q%2BWIBc3uLDtHd0%2BkhCROICCq1i6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 82dc86699d46b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 162 KB
52 KB 55ms
16ms Script
text/javascript 108.138.36.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-71.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69848d17f84889ee20b38a8ec02d1f7502ed0b3ae5352b9533a4cefd6bbe11d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:03:58 GMT
content-encoding: gzip
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 20:47:51 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 51432
x-amz-server-side-encryption: AES256
etag: W/"d639888467d34e28bf15173204590f92"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: NF8YY_ouAwfCd5iAkHAcD1jEySGdiaOCj_fLwH0dxDL-W6UelWnx_Q==

GET
H2 200 trxtwo.php Show response
japfg-trending-content.uc.r.appspot.com/ 13 KB
4 KB 213ms
137ms Script
text/html 2a00:1450:4001:81c::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.uc.r.appspot.com/trxtwo.php?s=10236&v=1&q=4&i=21
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 8bc094e254d80f5e99646cb1cd1954f66f859bce2cb0395d42500250a17cec7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 32b857f43de71cefbeab6f5170d542a8.jpg
uintacountyherald.com/storage/2023/11/ 277 KB
277 KB 149ms
148ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/11/32b857f43de71cefbeab6f5170d542a8.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beaccc653c47d03c7afbc10a2ae03f6daeb78e15094aa18067533d2d4b4a3bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 16:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"45252-60b4cfda6420d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FY8YuBckbPC8QxGftSg%2BhYHge0uKtfRr%2BYhplRwOPdKDZefwjb%2FT9p%2BEuayMcx0h7rwkaAO7cDzzAGrbzkQacCxjyikjMlagErmfEfACjsMyMs8ovcWjZ37JpwB%2F5FqdJoqtx1TwWuWrcBNXaO%2FrSoHM5fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866abe37b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 722b01131f4b6a5dc94d02c8be8ef7db.jpg
uintacountyherald.com/storage/2023/11/ 277 KB
277 KB 37ms
36ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/11/722b01131f4b6a5dc94d02c8be8ef7db.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beaccc653c47d03c7afbc10a2ae03f6daeb78e15094aa18067533d2d4b4a3bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 16:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"45252-60b4cfda6326d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OB20eNQhS3j%2FEr04HnVQgN4KdGEDfdmqg3PJLn1i%2F232X6rT9NlgfbCOkS6s7Qu561bA3H8OVvjQe1871K6DbsSuGR1QlhKTMVKj%2BqWEfK1CGkRhw7lKyFbRWabcnOZgsWzqCnnZLdiI01TJENcxkaEXzS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866ace57b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 5479a16e3589257928698d21a0285f54.png
uintacountyherald.com/storage/2023/11/ 102 KB
103 KB 67ms
67ms Image
image/png 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/11/5479a16e3589257928698d21a0285f54.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece864356b2a5fcc81af5663854530d87ebcb622acea8cc5a95bd7a64449ed3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2023 16:25:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"199ae-60919b99db75d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBJhUm%2B%2BWhldEu13iBS5sg8Xf7tIUCBNUYuX5zXoihU6zaBNdtbXZk5La%2FOLlZwIXXAbW78q2emp8t4UiacGgI1%2FY%2Fbl%2F6KVIZETOucxsQIM%2FsxAM5kD8I17%2BgkK886tRlDVHO7zPaQ1fSlGTyw04DlERNA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 82dc866ace62b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 f59dbc2d6c0c682cf13e7e1fd8a656a2.png
uintacountyherald.com/storage/2023/11/ 102 KB
103 KB 70ms
69ms Image
image/png 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/11/f59dbc2d6c0c682cf13e7e1fd8a656a2.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece864356b2a5fcc81af5663854530d87ebcb622acea8cc5a95bd7a64449ed3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2023 16:25:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"199ae-60919b99da7bd-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccBqlZm6M%2BIo9Pty6BDPP4CpGb18bOTA%2FCQut4QSCUkL4G%2B2Kt%2FNnNdoUZMJrMAQgZ6Xrmxu2JqOb8OisjwiiKuZ2HUaH9usI91LHZJrCSxJHkWjJXUrbTs6YL0oMFGtwr1DPTdQD4rQtuo4fSbNflor3fI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 82dc866ace64b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 f2a4abd93ed0b5037fbdad9f15e1d04b.jpg
uintacountyherald.com/storage/2022/12/ 21 KB
21 KB 80ms
79ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2022/12/f2a4abd93ed0b5037fbdad9f15e1d04b.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c7a64ef7927a72ad708b7e637fe15660ce2886926662417cc58cc7b1d4fc9d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Dec 2022 14:46:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"5295-5f06bbbca070c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GE4aGIvoK3%2F8cGVlKnex9P21dBKWxkP%2BLwoQpVTDqqYjoyMOn7NaGBL5f%2FYPCOd0m0yXmv154LO3YQAwwaDUeW%2Fed%2FMC8EpJx7NjwqkEI76nG7F9LP0O%2FasZrmX8grN39%2FmJl3POrzuhtpaHHxRPZsMvWYI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866ace65b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 a1b4e52e6598859ec1acaea8cb2dae40.jpg
uintacountyherald.com/storage/2023/11/ 318 KB
318 KB 25ms
24ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/11/a1b4e52e6598859ec1acaea8cb2dae40.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d2c9891ee435671284903c294405bada28295772a2e013e31f20cbe4242078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 22:17:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"4f782-60ab0f77084c3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gA1qs%2BfPX9siikTP4dr7wkytoqDALyXnPhP1LWficBZRd4PuwWphTNtkERD%2FzCLbUJQy3%2BM2O0zkycFnZE4tiWRYam%2B2K6KJFR1G9qATA5YTl%2BjmrwDj1YdFUQ%2Freal2h3DzlshLdFFqiRM5SwUE3NCtPEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866ace66b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 1cb6606700f63ca1b7b1268eda524533.jpg
uintacountyherald.com/storage/2023/11/ 318 KB
318 KB 83ms
82ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/storage/2023/11/1cb6606700f63ca1b7b1268eda524533.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d2c9891ee435671284903c294405bada28295772a2e013e31f20cbe4242078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 22:17:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"4f782-60ab0f77084c3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ucgv88f%2B0zl3xE3iysCOLHP9ojSseFE3Dq7%2FNJfaD95%2FcfTssPGiyP8y4lEAfbsmq7pmBMdVMf0mTrCwIzs5Pd4OalD9zJx6g5Qd9baF40O3zFH0Ux8gTBagxPsOYAPGQk4Wrcsttl%2F3Ngmb5MCMggyNUkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866ace6ab791-AMS
alt-svc: h3=":443"; ma=86400

GET
H2

200

csw-polyfills.js Show response
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain

https://www.civicscience.com/jspoll/4/civicscience-widget.js
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

117 KB
37 KB

56ms
16ms

Script
application/javascript

2600:9000:20c3:e800:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Server: 2600:9000:20c3:e800:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 228b3251f30d87c5d22b501e01b21a335a8e3d9966dff24f94b3d5a916b1df23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:47:37 GMT
content-encoding: gzip
via: 1.1 e01f54b21119ff385b2879b6a08078e0.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 16:47:03 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 2014
etag: W/"b60839808f96a73bc621ad0d3e83f258"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: U8D0uRs9rYuBi8F4cnSXjdcAWRFDZQ3KqPDoiGobUbwpYZrCRlfLdw==

Redirect headers

location: https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date: Wed, 29 Nov 2023 17:21:06 GMT
server: awselb/2.0
content-length: 110
content-type: text/html

GET
H3 200 theme.js Show response
uintacountyherald.com/js/ 4 KB
2 KB 24ms
22ms Script
application/javascript 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/js/theme.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1b3793f1f30ddbc4854cafbf2b9bc37f21c9e6e16b5b87c5607c9f20f9bd77d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 22 Oct 2023 19:20:01 GMT
server: cloudflare
age: 1
etag: W/"1121-60852fdfc7735-gzip"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxwbafD6o1A7T0x1cUCuPFa%2BXG1Ug83%2BPoMmXcGTH9yRVxgRSlD32hN4ckcVMRIM6rcmX0%2FMwtFiLT9cSfG%2Fp8Px5zEU3lmM9C%2Bbtp4qWajGLV5DIqNeimRp9XhD9r3OnBwDXmNaFwBTC%2FXUTZmRF03%2BU7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82dc866ace60b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 4 KB
3 KB 59ms
25ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a2877d35b782162338bb95faedfa08559e23788db9d926e97da4d0efd2dbfc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 15:31:57 GMT
server: cloudflare
age: 6342
etag: W/"1045-60a1e7cae1276"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 82dc866afb6539ec-FRA
expires: Wed, 29 Nov 2023 16:35:23 GMT

GET
H2 200 ;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=8311453;place=0;rnd=8311453;click=CLICK_MACRO_PLACEHOLDER Show response
ads.empowerlocal.co/adserve/ 2 KB
1 KB 438ms
106ms Script
application/javascript 51.81.49.106
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=8311453;place=0;rnd=8311453;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.81.49.106 , United States, ASN16276 (OVH, FR),

Reverse DNS

ns1002533.ip-51-81-49.us

Software

nginx /

Resource Hash

90d39658bacdcd452abb1e57316d82ec1623136616c27fe26499bd76ace04e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 25009f3f98ffbd263b013f97547373a6.jpg
uintacountyherald.com/uploads/images/2023/11/ 212 KB
213 KB 89ms
89ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/11/25009f3f98ffbd263b013f97547373a6.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3b65ede8aa80d69086ebfc2ba95190db553d3c3c2dea16d2680f3e38139cf69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 20:33:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"3508e-60b3c55d6a531-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDCUMpOa9x3XMNre2vjfUWXWKn9%2FqGDyEyGHPkZy63OnPRC1xSFvA2KgY0yGJqECIml9hF65njZSH7qAVqHBap9awfKsPskNDtVzKp0mCkAAmq4l96I5BeY4SEQoVu98KqdKLiCO9tVWmt5dX55Lce8kIHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866ace79b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 c55c9857fea7a37c96ad41fed57f6b52.jpg
uintacountyherald.com/uploads/images/2023/11/ 301 KB
302 KB 92ms
91ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/11/c55c9857fea7a37c96ad41fed57f6b52.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c063693d624db0edfc01cd250407f03a28978827eb522a63a9bd9a81de1d43fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 20:30:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"4b44b-60b3c4b605ebd-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeXbd4IZvwnyXumYBIcAXANpjtzZ6HMpQY3S%2F14Tl5V174I6KKKh6rtu9PcOD7jYuk56aWZRnd1U3Dm7yVlBZePSGxNhSRuplyw%2BE7%2F%2FbPvtXvnvwBWmVRnf4KKSW2pkoxQfFmvvKQ62eX0DpG68Oj3nlMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866ace7db791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 3c9137615603175ea2792b9952700e55.jpg
uintacountyherald.com/uploads/images/2023/11/ 246 KB
247 KB 95ms
94ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/11/3c9137615603175ea2792b9952700e55.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d17cd1b0750b9aca5b829de55c1825856c83c5a39308ba68f5a8f2a107836d02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 20:37:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"3d857-60b3c64c83888-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2G6pJ187VWAZ5r%2Fpkvo7M8uuQypsQYP8XzghMM9hiixRMypTsK2anrnbiDzRSYhqhkEE7%2FtSC0b6P9L9i8gkhcpv4Fror56Ziw6FbcfvAzGPrpR73N7n4ma3B4y%2F1Dak1b%2Fwxqk0yVsiDVDxhdTIB5rBOGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866ace7eb791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 712deeb2dd590e5f093eb8fc85091f14.jpg
uintacountyherald.com/uploads/images/2023/11/ 175 KB
175 KB 104ms
103ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/11/712deeb2dd590e5f093eb8fc85091f14.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1718a500d475a7d43e60f5b0ae7da117ef7dae7b51b1d58c8187d3ccb7561469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 20:44:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"2ba68-60b3c7b37ecc0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bo90DoeayB6mxoZ4Jh0mcjWQmvtIID4ManxI3fg243QCgvyBKu7JcuJmZlLvh0vkcEtPaVPfOEqKP5EkUwFCfkDGC10cPqObUHHOBX3hhpn7xSV4n8R6RBC4AwUfasPxsFyakS%2FS08bICtfM5v1wEyQLjUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866ace80b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 fontawesome-webfont.woff2
uintacountyherald.com/fonts/ 69 KB
70 KB 106ms
105ms Font
font/woff2 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/fonts/fontawesome-webfont.woff2?v=4.6.1
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/css/core.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Request headers

Referer: https://uintacountyherald.com/css/core.css
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:05 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 19:20:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"11448-60852fdfc4855-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLw5FxcvjnMpXaatg6gwnJCxoiypRdVtYySFgjYeZHrCVb%2BsunBMTJ0o%2BgqrPTpmDNTxabXk7vKvtBTQjVfAU1DYz9zwRlEkeP1y8f6jSZp%2BAP7H%2B8nX%2FIfSuODgTIuQTqSRIkmuRyCxmf%2FKu9fqpwgxsy0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 82dc866ace85b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 49ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,600italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 442297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 14:29:28 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 139ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:19:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3675
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 28 Nov 2024 16:19:50 GMT

GET
H2

200

embed.js Show response
embedcdn.sendtonews.com/easy-stn-player/7.27.3/
Redirect Chain

https://embed.sendtonews.com/player2/embedcode.php?fk=Be6nXXXs&cid=12385&SIZE=400&floatwidth=400
https://embedcdn.sendtonews.com/easy-stn-player/7.27.3/embed.js

7 KB
3 KB

33ms
15ms

Script
application/javascript

108.138.36.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embedcdn.sendtonews.com/easy-stn-player/7.27.3/embed.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Server: 108.138.36.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-51.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1da668b550eefcd79d33e6ed0d2d95bdff861c0a27cb966283a9896135c25a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:20:35 GMT
x-amz-version-id: VYi.O2P8gHFZZ4__LTBAjISIUxc1PhGK
content-encoding: br
last-modified: Fri, 24 Nov 2023 22:51:00 GMT
server: AmazonS3
via: 1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
etag: W/"f96e856bda7624502366107fc623993a"
age: 32
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2nmOS8rIHc61nw6YaqHqxjW_0_HtsfjrorC6fYZ3mpTY4KM3MwzyNQ==

Redirect headers

date: Wed, 29 Nov 2023 17:21:06 GMT
via: 1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-cache: FunctionGeneratedResponse from cloudfront
location: https://embedcdn.sendtonews.com/easy-stn-player/7.27.3/embed.js
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: 12cPtkLjZrwAbj1bptSsSlVEuv-_qGpDT_0-seuRSfgJX2ez8AxZow==

GET
H2 200 app.js Show response
ads.empowerlocal.co/ 67 KB
13 KB 119ms
119ms Script
application/javascript 51.81.49.106
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.empowerlocal.co/app.js
Requested by: Host: ads.empowerlocal.co
URL: https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=8311453;place=0;rnd=8311453;click=CLICK_MACRO_PLACEHOLDER
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.81.49.106 , United States, ASN16276 (OVH, FR),
Reverse DNS: ns1002533.ip-51-81-49.us
Software: nginx /
Resource Hash: 19f017b060eef42c6c184a49c2293ba61282cf67189da8025a13dd7dd680e588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 19:03:50 GMT
server: nginx
etag: W/"65493896-10da1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Wed, 29 Nov 2023 17:51:06 GMT

GET
H3 200 easy-stn-player.js Show response
embed.sendtonews.com/easy-stn-player/7.27.3/ 669 KB
186 KB 41ms
24ms Script
application/javascript 108.138.36.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.36.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-51.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01f01b1e21685ff7d3205f6ab09c5f17880f5cebae153984ed37e924655b26f0

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:20:49 GMT
x-amz-version-id: 9tVAw7AA5agsVkQuMFQO_0sGFxOeKP_B
content-encoding: br
last-modified: Fri, 24 Nov 2023 22:50:59 GMT
server: AmazonS3
age: 18
x-amz-cf-pop: MUC50-P2
etag: W/"9e6d70c2b98a4c2a67d96133b1bbe2f7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
via: 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YyS-q5mq3g-5rilUMQKlNp8zFog3uXNbLaZWv3zdPJU-LJ1E3rEocQ==

GET
H2 200 T7-WeqGxz8IbEcBYNha3BT0VoBDhhImF7_uSBjwS28byiIS8dMKeU6wNryhJ1PD602MBcTqEvEhxDIpWsI8K-a0FcQN65g=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 26 KB
26 KB 157ms
78ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/T7-WeqGxz8IbEcBYNha3BT0VoBDhhImF7_uSBjwS28byiIS8dMKeU6wNryhJ1PD602MBcTqEvEhxDIpWsI8K-a0FcQN65g=w450-h375-c-rj-l75

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2346547ad9ad5c7aba3d07a14b771a7dc389f3132be2357b88a26fc27ead4784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:07:51 GMT
x-content-type-options: nosniff
age: 4395
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27015
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Nov 2023 16:07:51 GMT

GET
H2 200 QT5N61cLgwpJcE8grVQe8McK_OdFOXtRemNzwmt8SQ2-1HjEdnh5KHX_etna9F8gN0ewwbHenjsDdPKTmSmgQK91labsQORi_rHjaw4j391UuQzbV4f-=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 147ms
68ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/QT5N61cLgwpJcE8grVQe8McK_OdFOXtRemNzwmt8SQ2-1HjEdnh5KHX_etna9F8gN0ewwbHenjsDdPKTmSmgQK91labsQORi_rHjaw4j391UuQzbV4f-=s42-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb369005de05fb33b88404fd5d022a6f808e8fd01de9dce04c18f09a9c272c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:00:09 GMT
x-content-type-options: nosniff
age: 4857
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1043
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Tue, 27 Feb 2024 16:00:09 GMT

GET
H2 200 hWuuPEWBby9xeJwHvsz7yZdmJCjw3c9JAEo8_5O1Vhw7UF8YCz-S9lwsOUeJAuQLhactBXJPKzhbpwVV5Dg7nOEIppSbFA=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 48 KB
48 KB 110ms
31ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/hWuuPEWBby9xeJwHvsz7yZdmJCjw3c9JAEo8_5O1Vhw7UF8YCz-S9lwsOUeJAuQLhactBXJPKzhbpwVV5Dg7nOEIppSbFA=w450-h375-c-rj-l75

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69b5b96cf9c3ea4f1abfbce7dd1371b24b8a067868084b248b1cd6c5f5d6a4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 13:52:51 GMT
x-content-type-options: nosniff
age: 12495
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48775
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Nov 2023 13:52:51 GMT

GET
H2 200 EL0bCFTqMEkci79hNf9I0Mgn1jazHkcibrXy5uUwcYLaHZ6XLl6-giBk8xYyEgyOm-8LMcIibBJZq-afkrpRsZxa2PojWhJOJyqFG9I=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 109ms
31ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/EL0bCFTqMEkci79hNf9I0Mgn1jazHkcibrXy5uUwcYLaHZ6XLl6-giBk8xYyEgyOm-8LMcIibBJZq-afkrpRsZxa2PojWhJOJyqFG9I=s42-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6a1b6deeb6d9b1d9947bba08a3f95710af6044247b36eff3cf22d8700838343b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 13:52:51 GMT
x-content-type-options: nosniff
age: 12495
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1163
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Tue, 27 Feb 2024 13:52:51 GMT

GET
H2 200 uVSg4fVPB5xLKnZPjLxkC3ZcSxXu5EdOMIRpH_eHSSMzGEQB28nyAV92haegeWggQA6BL5Z1N_87UHe9d9gtdljrVrvioRs_zZqZzhXY_KQ=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 51 KB
51 KB 166ms
88ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/uVSg4fVPB5xLKnZPjLxkC3ZcSxXu5EdOMIRpH_eHSSMzGEQB28nyAV92haegeWggQA6BL5Z1N_87UHe9d9gtdljrVrvioRs_zZqZzhXY_KQ=w450-h375-c-rj-l75

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cbf112e7f6c6ce27de3f10dc88b8ff53f44c4df23ec42225eace10786cbf99d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:16:14 GMT
x-content-type-options: nosniff
age: 292
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52123
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Nov 2023 17:16:14 GMT

GET
H2 200 QSYLLecapuItwnI-6aJ146RcffnTKrKRvY-S_RVFoaej0V3IMdmiI661_zOhz-BkhUuhHDuW3D2OcuymTJNgD8Sr9YXKpXEaaBPZ2Q=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 923 B
1012 B 145ms
67ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/QSYLLecapuItwnI-6aJ146RcffnTKrKRvY-S_RVFoaej0V3IMdmiI661_zOhz-BkhUuhHDuW3D2OcuymTJNgD8Sr9YXKpXEaaBPZ2Q=s42-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7f4595c0922ca80c69791bc2c3b887d15679c02c4e3ba2ca67747aa5ee50bac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:16:14 GMT
x-content-type-options: nosniff
age: 292
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 923
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Tue, 27 Feb 2024 17:16:14 GMT

GET
H2 200 C7O_8J6u_HS1IvK2KrWhUznxGuVrDGO9ST-pDeGTqkAIpow1jP3eUl4DHcXSgooQjnPljiO41JAqQm-KfpLCUCwN2YjHaQ=w450-h375-c-rj-l75
lh3.googleusercontent.com/ 37 KB
37 KB 124ms
59ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/C7O_8J6u_HS1IvK2KrWhUznxGuVrDGO9ST-pDeGTqkAIpow1jP3eUl4DHcXSgooQjnPljiO41JAqQm-KfpLCUCwN2YjHaQ=w450-h375-c-rj-l75

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

71ec08c379d02f2dc289738042a2b7842b8a3f35a90747497a337326075715ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 13:45:05 GMT
x-content-type-options: nosniff
age: 12961
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37522
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Nov 2023 13:45:05 GMT

GET
H2 200 PJ0X5gU4IlL_OMroflGwNKdVzOq9-_P5ZAucLPwAeuvlTvAwICRtF6PxZ_QTDKcUbb9kMLEsv_1aMrFDp0ZhNZZ5by1s4e6WqkYDJnY=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 133ms
69ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PJ0X5gU4IlL_OMroflGwNKdVzOq9-_P5ZAucLPwAeuvlTvAwICRtF6PxZ_QTDKcUbb9kMLEsv_1aMrFDp0ZhNZZ5by1s4e6WqkYDJnY=s42-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a8ba06958297f0be9558ceb69e9af6a47ac8d5130f49e92bc29db08c9403dffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 13:45:05 GMT
x-content-type-options: nosniff
age: 12961
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1098
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Tue, 27 Feb 2024 13:45:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 144 KB
54 KB 74ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6JN5TJ

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02dca805f8fb8debf67e38ddbe20bcbebd676cc6a885b6c436b5ddc732b7dd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54513
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Nov 2023 17:21:06 GMT

GET
H3 200 54e24c09270cf1ee18ccc7d391f6dbce.jpg
uintacountyherald.com/uploads/images/2023/11/ 63 KB
64 KB 21ms
20ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/11/54e24c09270cf1ee18ccc7d391f6dbce.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e86016be4caf9bb99fc3944097ecacedbb139ff2f8421d9c74dc56cc3e3f1c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 21:09:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"fcb3-60b3cd6b0f33a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uA1%2FDT2tWDpasZcR06ygSuN%2B0o3zmr4gMS65yRyn8rpfOMFthHhgQLEV9EqnLyL3N7A5Sei4dZZNIjsdi8FNHlMlXEZHOkFq8MxPKnPQr6F3lS6xB4gXuVifOR9SURM7eIP4vuj7SBs%2B5kMJ%2Fu6ZDGy3BZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866e49d9b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 9b0d12ff6adcf5747ada80f6b6e5f517.jpg
uintacountyherald.com/uploads/images/2023/11/ 183 KB
183 KB 22ms
22ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/11/9b0d12ff6adcf5747ada80f6b6e5f517.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5ecb6c1299f05c9b6f44225275198c2aa45956538fc21a86593bba0bf3986d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 21:06:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"2daae-60b3ccbf7a827-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFO0WYUDSUVvw0dPVE%2Fhwf1ggiqOyZbtV%2FO%2Fc7OfCxc7M%2FZn6wbF74g305bNtkn%2FDn4jdiihPrCrZe4EbH1G7a%2F8l%2Bp%2FcFOhRWGkPC2n4ul0mtw5nvFlCtxH5vxlyG43LtTVoqdElRrsMzyYwdx6acmO%2F4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866e49dcb791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 6cd6b89d607ac1ad6b07cf14086e5114.jpg
uintacountyherald.com/uploads/images/2023/01/ 76 KB
76 KB 22ms
21ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/01/6cd6b89d607ac1ad6b07cf14086e5114.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 523a9533f11df3058a5b0b01a77e91f3e6ad122daa14d874082fa906aaabe484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 20:23:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"12e04-5f344a1db15b0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hFMFB5GnXzz3hI2fMehvkErn3Zmnw1qZSlYBzS4tkzuhSD3TAYtp3DtzAdqY787U%2Bko4O8XjDdGQhQR3rrNzV%2BldGTi60xvKMsmDEso0ok2N42dMW7DcZ2q2uMSdo7lZ4B8DLN8x8vXRS98mgRLG6nktNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866e49ddb791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 42d1fe4cbd3298dd974bd9190113d09a.jpg
uintacountyherald.com/uploads/images/2023/11/ 45 KB
45 KB 25ms
24ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/11/42d1fe4cbd3298dd974bd9190113d09a.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5b91b74c3adc2d12f3ca42eeb69a8c59adac9f59e9fdf30d62504d1be9835f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 21:03:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"b3d0-60b3cbff06f05-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9I3FRZ8UeSkQ13alSnSTC%2B9Z0MMU%2BFTZwecYsi%2FRjpvjn2HPXuaWoIxTavqCqLfTIdsj6RgHDoFXouseYudGoaWIRv2VZKPNjzKgaF%2FqwenNUosGW066DLOERrViJi7tyrw4H54jrLAQksztFuKwYUKENo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866e49deb791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 14019cae211d4ac7db9ea236161cc8aa.jpg
uintacountyherald.com/uploads/images/2023/11/ 236 KB
236 KB 27ms
26ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/11/14019cae211d4ac7db9ea236161cc8aa.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc9227007193b0a837a770d50ec3024ab991ee740cb694c139e35bee4ff0be1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 21:11:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"3af1d-60b3cdbe7a1d3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNZ9o20zeddJ6PeDUBzQ55cdHDTeUU%2BCG09DsjRZNuAM9EWv8BSjzPZ38a0HlQg2Eet9qheyhbJqhoKB7XBGXkTLVtEtxKOMn6j%2Bw5wZZFD%2FQgXhbbRJ7vpUWE4woahTV77FjosSevhYr8RP0wMFCwcWnho%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866e49dfb791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 cfe590ee8a81ae4dcad696bfcb6c981f.jpg
uintacountyherald.com/uploads/images/2023/11/ 274 KB
275 KB 26ms
25ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/11/cfe590ee8a81ae4dcad696bfcb6c981f.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5862220784f844113ad16eedf12743d614552bace6a760c4a1e4e457b952d9db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2023 22:29:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"44959-6091ecd0e67f8-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KaVog51554bvCrBBbQ6khti%2Bn1Mp2y%2B0tzndxsuxjK9%2FBLfHBgJma8suEnPWZDUHST%2ByYLpOz79HG2HK6FolcufsD%2BQDqnOexNanLnsw90Om%2FRccMbn7vU2btcisPto3p3Yot2PGZgJIRFuy%2FKwdvdTUCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866e49e0b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 7d615275f343dea8994d28a578c3e69c.jpg
uintacountyherald.com/uploads/images/2023/11/ 45 KB
45 KB 45ms
45ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2023/11/7d615275f343dea8994d28a578c3e69c.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5b91b74c3adc2d12f3ca42eeb69a8c59adac9f59e9fdf30d62504d1be9835f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 21:01:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"b3d0-60b3cb7f6e3be-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6d1aqQLtscLmfJOE04YsBTQrbt%2FzeHv1zqiC9%2F3ZBu8aLblKA4%2B2qLQGNqy2xd5aQ4WTvR%2Fy974pc87W2b1c9ppAlcSFTqRmCQ12w4C36LX96NWSt6ZVc9q2JbCB4gDEvM8DwwU5WFWIxqJ%2B32pgheWk9lc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866e49e1b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 sprite_icons_6dc7d94.png
www.justapinch.com/images/ 22 KB
22 KB 105ms
19ms Image
image/png 130.211.10.17
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.10.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 17.10.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:25:23 GMT
via: 1.1 google
last-modified: Thu, 16 Nov 2023 20:33:58 GMT
server: nginx
age: 1101343
x-who: gcloud-web-2
content-type: image/png
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22292
expires: Fri, 15 Nov 2024 23:25:23 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 192 KB
34 KB 468ms
467ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3702595777090603&correlator=2498425012962878&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=129995211%2Chome_leaderboard%2Chome_250_1%2Chome_250_2%2Chome_600%2Cvideo_250%2Cvideo_600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x600%2C300x250%2C300x600&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701278466298&lmt=1701278466&adxs=-9%2C-9%2C-9%2C-9%2C1200%2C-9&adys=-9%2C-9%2C-9%2C-9%2C3126%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fuintacountyherald.com%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x250%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=53284522.1701278466&ga_sid=1701278466&ga_hid=1023333206&ga_fc=false&dlt=1701278465493&idt=557&adks=536991170%2C1736459697%2C2382306415%2C3782939975%2C2568665865%2C176555470&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a716a3825c2565fd8c575ab7904583e07df6bfb87526ccc14483a1b0ed40e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34296
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A0F4 6 KB
3 KB 104ms
33ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:06 GMT
expires: Thu, 28 Nov 2024 17:21:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 50ms
15ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 15:39:15 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6111
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 29 Nov 2023 17:39:15 GMT

GET
H2 200 hotjar-467830.js Show response
static.hotjar.com/c/ 10 KB
4 KB 291ms
15ms Script
application/javascript 18.66.192.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-467830.js?sv=5

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-39.muc50.r.cloudfront.net

Software

Resource Hash

f582d452c8d91509d4fb0b3408b4f42b913dae4b0cbe3196ee076940c0d15739

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 17:21:04 GMT
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 48
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/b0b52edfbec500b0f278722d6383484d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: ltU-rVRfnHvxAvnTGt9I5F3LT62M0ap474WiygCVhv2W2hEFtIg-8w==

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1895.006-3.034/ 187 KB
57 KB 35ms
35ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 17:45:04 GMT
server: cloudflare
age: 11860
etag: W/"2ede2-6099387db510d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 82dc866ea82139ec-FRA
expires: Fri, 29 Dec 2023 14:03:26 GMT

GET
H3 200 56d27839db85b1e3772b4a3aa7b07924.JPG
uintacountyherald.com/uploads/images/2022/11/ 7 MB
7 MB 22ms
22ms Image
image/jpeg 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uintacountyherald.com/uploads/images/2022/11/56d27839db85b1e3772b4a3aa7b07924.JPG
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 107121045a7853e68204b1a3d59ff54da0161a5e601fbb7977e964f4c9105031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 18:24:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"713fc5-5ed21e3dade45-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNDMEBsSc%2Bx3F8GMdzmz3a57FQpUok9GhjXHIkaPjcaiURK%2FW6Do8AgAS7d%2FU6BYEMZbbbh11GZU3d2WZN16Eg%2B33fphqqgvDtVzY7UEBG1c6sbkJAvCVG3pgeP1YB6X%2BkMZ%2BTeGmRRLqWY1beKZyRxJgXs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 82dc866eca54b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 glyphicons-halflings-regular.woff2
uintacountyherald.com/fonts/ 18 KB
18 KB 20ms
20ms Font
font/woff2 2606:4700:3035::6815:3136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uintacountyherald.com/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/css/core.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://uintacountyherald.com/css/core.css
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 19:20:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"466c-60852fdfc57f5-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yr9n2qqe6Kh4VgqM0S0f24iOmgcNVScG%2Bz1xY%2Bf6F9zlNaH04qHmpckAtbn7RWc%2BsiS%2B%2FIpnMizp3wKQT0cq149hTcVDCSRraaCqt3xpYYCqIzL5KmZ5U%2FjNpC1VxzkCdXfFtLGYjxAfLHoVTF9MDXoUFqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 82dc866eca56b791-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jot
www.civicscience.com/ 0
0 302ms
101ms Fetch
text/plain 3.230.202.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=1705242238.1846767709&n=0&s=poll&t=created&d=%7B%22target%22%3A%223af52b84-198f-5954-3d30-5a5b0c0c9431%22%2C%22instance%22%3A%22civsci-id-1372946927%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fuintacountyherald.com%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A1200%2C%22cy%22%3A3126%7D
Requested by: Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/4/civicscience-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.202.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-202-53.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 bootstrap Show response
www.civicscience.com/widget/api/2/ 319 B
415 B 118ms
118ms Script
text/javascript 3.230.202.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/bootstrap?target=3af52b84-198f-5954-3d30-5a5b0c0c9431&instance=civsci-id-1372946927&context=%2F%2Fuintacountyherald.com&mv=5&_=1701278466362&callback=jsonp_1701278466362_68544
Requested by: Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/4/civicscience-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.202.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-202-53.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: b397301548e851bfb0571856c5e4b188e196ded50d53303e57ae85d206778f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 222 KB
67 KB 39ms
7ms Script
application/javascript 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:25:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=93393
accept-ranges: bytes
content-length: 68444
expires: Thu, 30 Nov 2023 19:17:39 GMT

GET
H2 451 712559.gif
idsync.rlcdn.com/ 0
98 B 50ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/712559.gif?partner_uid=281becb1-ed6c-4baa-a1c6-d049dd4a1fd3
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ;MID=181918;type=e959fb862;placementID=1756037;setID=517063;channelID=0;CID=0;BID=520639829;TAID=0;place=0;matches=%5B%22home%22%5D;contKeyMatches=%5B%2212787%22%2C%2212790%22%2C%2212792%22%2C%2212... Show response
ads.empowerlocal.co/adserve/ 0
342 B 403ms
101ms XHR
text/html 51.81.49.106
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.empowerlocal.co/adserve/;MID=181918;type=e959fb862;placementID=1756037;setID=517063;channelID=0;CID=0;BID=520639829;TAID=0;place=0;matches=%5B%22home%22%5D;contKeyMatches=%5B%2212787%22%2C%2212790%22%2C%2212792%22%2C%2212793%22%2C%2212794%22%2C%2212795%22%2C%2212796%22%2C%2212797%22%2C%2212798%22%2C%2212799%22%2C%2212800%22%2C%2212801%22%2C%2212802%22%2C%2212803%22%2C%2212804%22%5D;contCatMatches=%5B%2210595%22%5D;referrer=https%3A%2F%2Fuintacountyherald.com%2F;mt=1701278466105413;hc=c1919caade93036bd083b30a1945817977e0b41c

Requested by

Host: ads.empowerlocal.co
URL: https://ads.empowerlocal.co/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.81.49.106 , United States, ASN16276 (OVH, FR),

Reverse DNS

ns1002533.ip-51-81-49.us

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=171437;size=300x250;setID=316820;type=async;domid=placement_316820_0;place=0;pid=8311453;sw=1600;sh=1200;spr=1;rnd=8311453;kw=home;referrer=https%3A%2F%2Fuintacountyherald.com%2F;click=CLICK_MA... Show response
servedbyadbutler.com/adserve/ 749 B
811 B 71ms
21ms Script
application/javascript 162.55.246.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedbyadbutler.com/adserve/;ID=171437;size=300x250;setID=316820;type=async;domid=placement_316820_0;place=0;pid=8311453;sw=1600;sh=1200;spr=1;rnd=8311453;kw=home;referrer=https%3A%2F%2Fuintacountyherald.com%2F;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: ads.empowerlocal.co
URL: https://ads.empowerlocal.co/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.246.61 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.61.246.55.162.clients.your-server.de

Software

nginx /

Resource Hash

3a1aa51d90102291805779bbb81389ae44c8f9b2666ab6f088a966c8c8186d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 campaigns Show response
cdn.ads-flipp.com/flyer-locator-service/ 135 B
548 B 360ms
315ms Fetch
application/json 99.84.88.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ads-flipp.com/flyer-locator-service/campaigns
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201262364
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-88.muc50.r.cloudfront.net
Software: envoy /
Resource Hash: 829731dcdf08025f3d898c8c3a68acb42b0496dcdd8fc61f85ec5dbbf6a69b02

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

x-trace-id: _ZyXqAm4r4IQ8yg36raSgD2D8KyimC-jh8pCLK6xRBu8HoEPkcBJog==
date: Wed, 29 Nov 2023 17:21:06 GMT
via: 1.1 940591d2da012baa6779996f50bf5208.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: MUC50-C1
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
content-length: 135
x-amz-cf-id: _ZyXqAm4r4IQ8yg36raSgD2D8KyimC-jh8pCLK6xRBu8HoEPkcBJog==

GET
H2 200 187621-164323601241456.js Show response
js-sec.indexww.com/ht/p/ 33 KB
11 KB 46ms
23ms Script
text/javascript 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 17:16:33 GMT
server: cloudflare
age: 208
etag: W/"da25e8-856b-60b4db265aa31"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 82dc866f39b8bb71-FRA
expires: Wed, 29 Nov 2023 21:21:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
761 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7133c07da0d7df5ae3d5fe3ff8a67982a5af918e7ec147af765f1ba7e14b641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 16:34:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 17:21:06 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 17:21:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 17:21:06 GMT

GET
H2 200 OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 20 KB
4 KB 47ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1864536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4023
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-4e34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsthV7JJdpP4RAjWlxR0zUj39pAnD2I%2F7vJRhNfNIs5dAv%2BXNd0%2FgwjCSFdMLtM0xUWa6LtPU0MZkW4wdOm2chrZiziF4EA8Cl3b%2B4yFmIXlhp%2Fl64xXfs5cHvMlNctZSIIPHs6MxNkJLQaGj07YsbO5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dc866f6bb01daa-FRA
expires: Mon, 18 Nov 2024 17:21:06 GMT

GET
H2 200 OverlayScrollbars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame B8BA 53 KB
21 KB 40ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1351528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20502
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-d208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjB89k6GU7gnnQraf4jpBCL3Jdx5cT0MHLS3BXguSxlGiPzP5xHf54hzuPulwMd2cNFvOLENA0x5pfJFUGi6b38b2pI%2BqEqGaY8P0mUU8ie3z38uKE9Iao3mShivaWTyuXoRPKqR81XuLBSo5BhHnvfC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dc866f6bb31daa-FRA
expires: Mon, 18 Nov 2024 17:21:06 GMT

GET
H3 200 prebid.js Show response
embed.sendtonews.com/library/prebid/8.5.0_trade_desk_33accross_intentiq/ Frame B8BA 432 KB
136 KB 15ms
15ms Script
application/javascript 108.138.36.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/prebid/8.5.0_trade_desk_33accross_intentiq/prebid.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.36.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-51.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98ad025da55f90c2d3a40af4b85ba698aafe1f5ba257f4805eeb400ce35d2484

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: zGsGp7Ij.yEpEq5zFPcFESiv6l7ttthm
content-encoding: gzip
via: 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
date: Wed, 29 Nov 2023 14:43:23 GMT
last-modified: Mon, 06 Nov 2023 19:52:23 GMT
server: AmazonS3
age: 9543
x-amz-cf-pop: MUC50-P2
etag: W/"c5e87d821de860a7eb714967a512a849"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2tDN36Iz2l_-8hpJ9Jo7vOlN0NkQgMa-mw5ZQgNkVqvMSBW_0uXvTQ==

GET
H2 200 ppid.js Show response
cdn-ima.33across.com/ 10 KB
4 KB 55ms
16ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ppid.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9470010730b754d8563690539a873235785bfd53e4af5cd93e0b08567d76c45e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:17 GMT
server: cloudflare
age: 129358
etag: W/"65401295-2847"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 82dc866f8c6d040c-FRA
expires: Sat, 02 Dec 2023 17:21:06 GMT

GET
H3 200 comScore.gt.min.js Show response
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame B8BA 335 KB
59 KB 18ms
18ms Script
application/javascript 108.138.36.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.36.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-51.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:45:57 GMT
x-amz-version-id: ..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding: gzip
last-modified: Thu, 13 Apr 2023 16:36:13 GMT
server: AmazonS3
age: 84910
x-amz-cf-pop: MUC50-P2
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
via: 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DyTK9P71lNLZI1Z7pc7kCOP4lAE8UxAFFZAJjK8l4AYqxUjY4a5bKA==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 127ms
59ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Wed, 29 Nov 2023 17:21:06 GMT

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 1 KB
1 KB 59ms
18ms Image
image/png 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 14:46:58 GMT
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 9249
etag: "cb93bb50e5d021cc38de445a672c18a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: lmJ_ytGwW97rfGuBoEY3_hfTVH0vBQfYv4LVsapva3lxlCfXbRkqmg==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 322 B
637 B 60ms
19ms Image
image/png 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 13:12:43 GMT
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 14904
etag: "311cf2edc46e82f2a6911332b7db54e1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 322
x-amz-cf-id: ez94tOYO6C2BVcikXisfCGgxPfLksl4fvz3iMR58QlPL54ag25v3Bw==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 832 B
1 KB 57ms
16ms Image
image/png 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 14:31:02 GMT
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 10250
etag: "8be584e844dabfe22970a0cb943c047e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 832
x-amz-cf-id: JCWzfyAY4S-scQYjz39I3VgRbgZEM07-cJDMFYVDREvR4GZiAHl2wA==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 773 B
1 KB 58ms
17ms Image
image/png 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 14:30:22 GMT
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 10245
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 773
x-amz-cf-id: Rcfq7QIh-0Fc6bYIDTlD-EtrRnIXG5hfOkJDgNHq-Yw2EfaDDVdsPg==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame B8BA 267 KB
65 KB 71ms
19ms Script
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:26:32 GMT
content-encoding: gzip
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P2
age: 3275
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 8ety5e6RFtpyJ8NPTA4i5_n-T8TpuvYlltXqJlkqtZZyqL7jS2eu7g==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 321ms
105ms Ping
image/gif 44.193.179.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=YN0wpIaGPS26lSSU&instance=903750&version=7.27.3&age=231129&cmd=PRE_INIT&key=Be6nXXXs&seq=1&order=1&vIndex=0&absoluteTime=1830.3&relativeTime=0.1&canonical=https://uintacountyherald.com/&EXTREF=https://uintacountyherald.com/&REF=https://uintacountyherald.com/&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-179-92.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 data_read.php Show response
embed.sendtonews.com/player4/ 34 KB
7 KB 134ms
134ms Fetch
text/html 108.138.36.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=YN0wpIaGPS26lSSU&instance=903750&version=7.27.3&age=231129&ESG_key=Be6nXXXs&type=FULL&EXTREF=https://uintacountyherald.com/&REF=https://uintacountyherald.com/&ogSet=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.36.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-51.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 158d04ce5ee0af87dac8a355cb0694b8f448c9c60a0ab83e244d2002d4c8dd30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
via: 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1
alt-svc: h3=":443"; ma=86400
content-length: 6160
x-amz-cf-id: kwW5oECikmpKnrX5BKrfFkVUduCCDadJ3lpwCXlDvZs7KSwRjN_D_g==
expires: Wed, 29 Nov 2023 17:21:07 GMT

POST
H2 204 beacons
p.flipp.com/ 0
0 271ms
214ms Fetch 18.173.187.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201262364
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-21.muc50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-amz-cf-id: EqvjOnbEyJ9pZaMFzsa3I-ANdOrcBCIZeavzgIjT4_TKrIjT8hmo-A==

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
18 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 12:32:18 GMT
x-content-type-options: nosniff
age: 362928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18628
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 12:32:18 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 50B3 0
43 B 140ms
122ms Document
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3305933&wsid=0&pdom=uintacountyherald.com&purl=https%3A%2F%2Fuintacountyherald.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 82dc866fc99f39ec-FRA
content-length: 0
date: Wed, 29 Nov 2023 17:21:06 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
33 B 139ms
123ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3305933&wsid=0&pdom=uintacountyherald.com&purl=https%3A%2F%2Fuintacountyherald.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82dc866fc9a539ec-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 0
33 B 140ms
124ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3305933&wsid=0&pdom=uintacountyherald.com&purl=https%3A%2F%2Fuintacountyherald.com%2F&jsv=1895.006-3.034&_cb=17012784665060
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82dc866fc9a939ec-FRA
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
226 B 18ms
18ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1023333206&t=pageview&_s=1&dl=https%3A%2F%2Fuintacountyherald.com%2F&ul=en-us&de=UTF-8&dt=Breaking%20News%20from%20your%20Local%20News%20Source%20Leader%20in%20Evanston%2C%20Wyoming%20%7C%20Uinta%20County%20Herald&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=518763643&gjid=800853863&cid=53284522.1701278466&tid=UA-6994918-32&_gid=150116193.1701278467&_r=1&_slc=1&z=683878229

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

977f1afcfa3cca65301bdd18357f8a34ed8a5d119480930ad6c3dbe76062cd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ;libID=3826211
servedbyadbutler.com/getad.img/ 25 KB
26 KB 15ms
15ms Image
image/jpeg 162.55.246.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3826211
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.246.55.162.clients.your-server.de
Software: nginx /
Resource Hash: fecad8e87224d77c1c5df9ede853ccae7d4be0801328b372c2c900ad8a71fa93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
last-modified: Wed, 03 May 2023 17:37:11 GMT
server: nginx
etag: "64529bc7-65ab"
content-type: image/jpeg
access-control-allow-origin: https://uintacountyherald.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="WyoPN_StayInTheKnow300.jpg"
accept-ranges: bytes
content-length: 26027
expires: Thu, 28 Nov 2024 09:21:06 PST

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 54 B
319 B 112ms
34ms Fetch
application/json 54.76.85.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=277191

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.76.85.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-85-248.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Wed, 29 Nov 2023 17:21:06 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 54

GET
H2 204 sync
trends.revcontent.com/ 0
0 114ms
37ms Fetch 54.76.85.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.85.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-85-248.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://uintacountyherald.com
date: Wed, 29 Nov 2023 17:21:06 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
426 B 104ms
33ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 0e02c4a956dc46b4bc418a55615b54c3c0e00a7b4aa7c213b76b80cc51cd66e5

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://uintacountyherald.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Fri, 29 Dec 2023 17:21:06 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
364 B 57ms
19ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 403 / Show response
id.sv.rkdms.com/identity/ 72 B
235 B 333ms
115ms XHR
application/json 34.202.199.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=uintacountyherald.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.199.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-100.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://uintacountyherald.com
date: Wed, 29 Nov 2023 17:21:06 GMT
access-control-allow-credentials: true
server: awselb/2.0
content-length: 72
vary: Accept-Encoding
content-type: application/json

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 59ms
21ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6994918-32&cid=53284522.1701278466&jid=518763643&gjid=800853863&_gid=150116193.1701278467&_u=IAhAAEAAAAAAACAAI~&z=411000658

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 29 Nov 2023 17:21:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
79 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J19JFGRKPN&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4590b347c3fdbcd8a26880f4d71fade63e04dbe8d650925ceb5f71f61726ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 17:21:06 GMT

GET
H2 200 ppid Show response
lexicon.33across.com/v1/ 49 B
254 B 164ms
125ms XHR
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.2.0
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ppid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://uintacountyherald.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 204 target Show response
www.civicscience.com/widget/api/2/ 0
98 B 118ms
117ms Script
text/plain 3.230.202.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/target?target=3af52b84-198f-5954-3d30-5a5b0c0c9431&instance=civsci-id-1372946927&context=%2F%2Fuintacountyherald.com&mv=5&_=1701278466586&callback=jsonp_1701278466586_80343
Requested by: Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/4/civicscience-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.202.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-202-53.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
x-powered-by: PHP/7.2.34
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.2.34

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B8BA 6 KB
3 KB 42ms
14ms XHR
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 01:57:25 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 826a64379fff05f157845c418fee53d2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 55422
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: tNfi26QF56Fag_aR-KLOYxcSV_90glm1EEuziWcbHgJ3cIEU7uus2w==

GET
H2 200 6c3f03cd-6fa8-4477-ac05-2c0f4f8da092 Show response
config.aps.amazon-adsystem.com/configs/ Frame B8BA 537 B
804 B 61ms
14ms Script
application/javascript 108.138.36.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-117.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1856d9b5b6bab37b309b28fe14f3de828d2997daa7e80b31da276ff234c3a8f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:40:23 GMT
via: 1.1 349eb6985da057f318665aa6bde74732.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
age: 2443
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: lgxhC0OAeDz6HF6aR0gajXnxfPcMkpaWG1wlm1gjKQ6cO3ANqQLXqQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame B8BA 1006 B
1 KB 14ms
14ms XHR
application/json 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fuintacountyherald.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: Server /
Resource Hash: fd8e6d26ae464a400f3c77955c4d426cec2d159f514c30ff72f9155f6e606a15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:29:35 GMT
via: 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
age: 17491
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1006
x-amz-cf-id: nhY2GHe5Oheph1WiANDjT9ufiUYXfQ62TxV5NNIyyblRHDPrubsBbA==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
187 B 151ms
103ms Ping
image/gif 44.193.179.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=YN0wpIaGPS26lSSU&instance=214903750&version=7.27.3&age=231129&cmd=GET&key=Be6nXXXs&c_id=12385&seq=1&order=2&vIndex=0&absoluteTime=2014.9&relativeTime=184.7&canonical=https://uintacountyherald.com/&EXTREF=https://uintacountyherald.com/&REF=https://uintacountyherald.com/&playerCfg=BR&playerType=BARKER&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-179-92.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 0.js Show response
player.sendtonews.com/bidderFiles/ 5 KB
2 KB 52ms
14ms Script
application/javascript 18.173.187.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/bidderFiles/0.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-56.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba005884302c65983e86c49afd2e6bf0d3ca60166c861ee2888d716ceed13e02

Request headers

Referer: https://embed.sendtonews.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: UQ7kWi2taw0bordMiyKDP_I_ByXqD8Mm
content-encoding: gzip
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront), 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
date: Wed, 29 Nov 2023 11:26:07 GMT
x-amz-cf-pop: FRA60-P3, MUC50-P4
age: 21306
x-cache: Hit from cloudfront
last-modified: Thu, 07 Sep 2023 23:03:22 GMT
server: AmazonS3
etag: W/"25b745fa0d93d47bf009a28d8bcdf8d6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id: lw10PJ1aXLdTxEcYkwylp6KL9o3r_ROAPaBreF6Ix5PjzC7zbVDBHQ==

GET
H2 200 wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 25 KB
25 KB 48ms
17ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c7ba81186b0be4238e6e39757350bcc41918c51858cb167d6112f6a3b7510e

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:49 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 25178
last-modified: Wed, 29 Nov 2023 15:20:20 GMT
server: AmazonS3
etag: "6b8fa6e4c6cdb4a29fd61b8bebee4534"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: LfRi3Zx4MnVYyJZCNoXNT5AOFoizQUYkMzn3waaySJn_OdcLqzygYQ==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 150ms
104ms Ping
image/gif 44.193.179.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=YN0wpIaGPS26lSSU&instance=214903750&version=7.27.3&age=231129&cmd=RTP&key=Be6nXXXs&c_id=12385&seq=1&order=3&vIndex=0&absoluteTime=2016.6&relativeTime=186.4&sC_ID=8783&sm_id=3205108&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://uintacountyherald.com/&REF=https://uintacountyherald.com/&playerCfg=BR&playerType=BARKER&DS=notfound
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-179-92.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
125 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:08:20 GMT
x-content-type-options: nosniff
age: 421966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 20:08:20 GMT

GET
H2 200 7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 29 KB
30 KB 46ms
31ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 643f8a16ac220c37763778f80d240d23842c3116d46b587d002496cc6feec1ab

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 29803
last-modified: Wed, 29 Nov 2023 15:00:15 GMT
server: AmazonS3
etag: "f1e04b8ddda372344e1359c98f9ab182"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 8VJB70b7qARaN7UMcrU8s0-ti6005gb1yuTQ5Va-pcJtfD7wv0nAiQ==

GET
H2 200 l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 27 KB
28 KB 60ms
45ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fa801dedeab49955dd5f76ca45f223e486d27ad782c5959e002c1fe6150eaec

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 28006
last-modified: Wed, 29 Nov 2023 15:00:13 GMT
server: AmazonS3
etag: "652973baec139cbdfaf2aa9287f3d9a0"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Fn14kRL0lfEcYIr9o3ekvwWUeTK7PI9JiHN2rIyi8JU-VG3UYvyR8g==

GET
H2 200 5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 26 KB
27 KB 69ms
54ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef0e671e922fc0fe31a2c3482e697f3c1d08450cc95a391452adebefc1e791ed

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:16:26 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3881
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 26979
last-modified: Wed, 29 Nov 2023 15:00:11 GMT
server: AmazonS3
etag: "cbda15c12cd3a75ed207d97114e24d34"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: U4oinkE8eEsGzWPfPhM2a-mjMDkIJxfOjBxui5CiR_UyWubINx4Itg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 90ms
55ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6994918-32&cid=53284522.1701278466&jid=518763643&_u=IAhAAEAAAAAAACAAI~&z=1055046674

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 86ms
53ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6994918-32&cid=53284522.1701278466&jid=518763643&_u=IAhAAEAAAAAAACAAI~&z=1055046674

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 25 KB
25 KB 31ms
26ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c7ba81186b0be4238e6e39757350bcc41918c51858cb167d6112f6a3b7510e

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:49 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 25178
last-modified: Wed, 29 Nov 2023 15:20:20 GMT
server: AmazonS3
etag: "6b8fa6e4c6cdb4a29fd61b8bebee4534"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: SoLHxXS9-xny1m4DU51IpAc9MiFzySqvddK4XfTC7XAoPlsBq3Xn0g==

GET
H2 200 7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 29 KB
30 KB 47ms
42ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 643f8a16ac220c37763778f80d240d23842c3116d46b587d002496cc6feec1ab

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 29803
last-modified: Wed, 29 Nov 2023 15:00:15 GMT
server: AmazonS3
etag: "f1e04b8ddda372344e1359c98f9ab182"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: d5kKvRFZgFufexQkahuEihS6VrH1U0Gw3FNUabU28NeKq3CSH8aQVQ==

GET
H2 200 l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 27 KB
28 KB 71ms
66ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fa801dedeab49955dd5f76ca45f223e486d27ad782c5959e002c1fe6150eaec

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 28006
last-modified: Wed, 29 Nov 2023 15:00:13 GMT
server: AmazonS3
etag: "652973baec139cbdfaf2aa9287f3d9a0"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: SjrexMZ0m58TLJmvdpdN1vPsxPEJvJFWRjEo7guEcF-7oesIL3fvgQ==

GET
H2 200 5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 26 KB
27 KB 71ms
67ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef0e671e922fc0fe31a2c3482e697f3c1d08450cc95a391452adebefc1e791ed

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:16:26 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3881
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 26979
last-modified: Wed, 29 Nov 2023 15:00:11 GMT
server: AmazonS3
etag: "cbda15c12cd3a75ed207d97114e24d34"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: NBrVTbfkGkmLr0FOXmndpJKMvieqhTWQhR7aPihEhcF3HC8WQUtdxg==

GET
H2 200 wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 25 KB
25 KB 31ms
27ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c7ba81186b0be4238e6e39757350bcc41918c51858cb167d6112f6a3b7510e

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:49 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 25178
last-modified: Wed, 29 Nov 2023 15:20:20 GMT
server: AmazonS3
etag: "6b8fa6e4c6cdb4a29fd61b8bebee4534"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: cRPJ7_qJznDVGGoOCsMTGTPA5La0mkzjw36TVCHoUEwKXFTaWiolrw==

GET
H2 200 7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 29 KB
30 KB 49ms
45ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 643f8a16ac220c37763778f80d240d23842c3116d46b587d002496cc6feec1ab

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 29803
last-modified: Wed, 29 Nov 2023 15:00:15 GMT
server: AmazonS3
etag: "f1e04b8ddda372344e1359c98f9ab182"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: yDRxm17P4UgS7TLISz_nkXS5a4XlqPbDTN2Yo3KNRq5LU-aRMpvm1Q==

GET
H2 200 l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 27 KB
28 KB 73ms
69ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fa801dedeab49955dd5f76ca45f223e486d27ad782c5959e002c1fe6150eaec

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 28006
last-modified: Wed, 29 Nov 2023 15:00:13 GMT
server: AmazonS3
etag: "652973baec139cbdfaf2aa9287f3d9a0"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 3ZOETDxZ2LJmKX3bsZ377fkLLl5BogYnO01jgRbJVowegdvpyd-Whw==

GET
H2 200 5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 26 KB
27 KB 73ms
69ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef0e671e922fc0fe31a2c3482e697f3c1d08450cc95a391452adebefc1e791ed

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:16:26 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3881
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 26979
last-modified: Wed, 29 Nov 2023 15:00:11 GMT
server: AmazonS3
etag: "cbda15c12cd3a75ed207d97114e24d34"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: iaJodBkKVJ1m3yg_Q2FKYYCKT6E3FyQKdNKs_2h19iqaK9MgVIJ4Jg==

GET
H2 200 wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 25 KB
25 KB 57ms
54ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c7ba81186b0be4238e6e39757350bcc41918c51858cb167d6112f6a3b7510e

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:49 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 25178
last-modified: Wed, 29 Nov 2023 15:20:20 GMT
server: AmazonS3
etag: "6b8fa6e4c6cdb4a29fd61b8bebee4534"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: w1eD30PWhwuTe4eQ-2-ZrKcN3fEMtom1L45VdWsbmEfp7iLOOkYgsw==

GET
H2 200 7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 29 KB
30 KB 58ms
55ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 643f8a16ac220c37763778f80d240d23842c3116d46b587d002496cc6feec1ab

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 29803
last-modified: Wed, 29 Nov 2023 15:00:15 GMT
server: AmazonS3
etag: "f1e04b8ddda372344e1359c98f9ab182"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: jLCsSLhhGI1N06rgGaPSfa0u_Xw5nynxpZlHWF_ivb8xFa4QiAqEQw==

GET
H2 200 l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 27 KB
28 KB 70ms
67ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fa801dedeab49955dd5f76ca45f223e486d27ad782c5959e002c1fe6150eaec

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 28006
last-modified: Wed, 29 Nov 2023 15:00:13 GMT
server: AmazonS3
etag: "652973baec139cbdfaf2aa9287f3d9a0"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: cov9HaoSHGUrSPlmTq1dRZ4VZiEeCQ1MyRWBfbo_jMBBOqwtIAmXAA==

GET
H2 200 5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 26 KB
27 KB 74ms
71ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef0e671e922fc0fe31a2c3482e697f3c1d08450cc95a391452adebefc1e791ed

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:16:26 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3881
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 26979
last-modified: Wed, 29 Nov 2023 15:00:11 GMT
server: AmazonS3
etag: "cbda15c12cd3a75ed207d97114e24d34"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: s1HBHPFKANUc9994r-iDbCfCw5EFxRyVvh4YuBaEn4Ob4reVq2EXew==

GET
H2 200 wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 25 KB
25 KB 63ms
61ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c7ba81186b0be4238e6e39757350bcc41918c51858cb167d6112f6a3b7510e

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:49 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 25178
last-modified: Wed, 29 Nov 2023 15:20:20 GMT
server: AmazonS3
etag: "6b8fa6e4c6cdb4a29fd61b8bebee4534"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 4Qoh42dxUvL5H9R-RsJP8veDjSFkKZaPdl-qdhtvIUGTC_xTfKLEOg==

GET
H2 200 7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 29 KB
30 KB 62ms
59ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 643f8a16ac220c37763778f80d240d23842c3116d46b587d002496cc6feec1ab

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 29803
last-modified: Wed, 29 Nov 2023 15:00:15 GMT
server: AmazonS3
etag: "f1e04b8ddda372344e1359c98f9ab182"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: boWTXy4d-ul8LEQHgQ6KAkcqEtRASxN7EsH__7JKK9m_zMcHqJF3BQ==

GET
H2 200 l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 27 KB
28 KB 71ms
68ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fa801dedeab49955dd5f76ca45f223e486d27ad782c5959e002c1fe6150eaec

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 28006
last-modified: Wed, 29 Nov 2023 15:00:13 GMT
server: AmazonS3
etag: "652973baec139cbdfaf2aa9287f3d9a0"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: MW-sgnL1d4KA3QpRjOwWLGPmWqacvsWjKJjoATSPPSUAfKxtpnIaaQ==

GET
H2 200 5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 26 KB
27 KB 74ms
72ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef0e671e922fc0fe31a2c3482e697f3c1d08450cc95a391452adebefc1e791ed

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:16:26 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3881
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 26979
last-modified: Wed, 29 Nov 2023 15:00:11 GMT
server: AmazonS3
etag: "cbda15c12cd3a75ed207d97114e24d34"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: ZBZKMKpwNHWQJQYpxr3mbyGdAUe-Z816SHJBgckcq656UbQfwckAHQ==

GET
H2 200 wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 25 KB
25 KB 66ms
63ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c7ba81186b0be4238e6e39757350bcc41918c51858cb167d6112f6a3b7510e

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:49 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 25178
last-modified: Wed, 29 Nov 2023 15:20:20 GMT
server: AmazonS3
etag: "6b8fa6e4c6cdb4a29fd61b8bebee4534"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: EfKHZP2ONJxvVszBqYv_IBU1iZYvxh7BQ1HW2SqcubJhFuF4-FlKJw==

GET
H2 200 7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 29 KB
30 KB 64ms
62ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 643f8a16ac220c37763778f80d240d23842c3116d46b587d002496cc6feec1ab

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 29803
last-modified: Wed, 29 Nov 2023 15:00:15 GMT
server: AmazonS3
etag: "f1e04b8ddda372344e1359c98f9ab182"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: e9qLHIV0o_HSMKDhb9js0sfB32lcMoRsP4d34MvLOsyQqZXFn_VMvA==

GET
H2 200 l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 27 KB
28 KB 72ms
69ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fa801dedeab49955dd5f76ca45f223e486d27ad782c5959e002c1fe6150eaec

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 28006
last-modified: Wed, 29 Nov 2023 15:00:13 GMT
server: AmazonS3
etag: "652973baec139cbdfaf2aa9287f3d9a0"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Mh0CGG_mDDZ7NMTMlXS6ZFyhYTbyNAEVw2TgLYmx3jVfduo_0BTapw==

GET
H2 200 5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame B8BA 26 KB
27 KB 50ms
48ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef0e671e922fc0fe31a2c3482e697f3c1d08450cc95a391452adebefc1e791ed

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:16:26 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3881
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 26979
last-modified: Wed, 29 Nov 2023 15:00:11 GMT
server: AmazonS3
etag: "cbda15c12cd3a75ed207d97114e24d34"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: j_2LARxNeN7knYkMKQGnBLa6sb03F-qwFgNc7PSDvvoSh9KWXZmoxg==

GET
H2 200 wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 25 KB
25 KB 59ms
57ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/wgwtpg2mc8m5f28ktgackmbuv1btayw1.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c7ba81186b0be4238e6e39757350bcc41918c51858cb167d6112f6a3b7510e

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:49 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 25178
last-modified: Wed, 29 Nov 2023 15:20:20 GMT
server: AmazonS3
etag: "6b8fa6e4c6cdb4a29fd61b8bebee4534"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: m5CXqTvZ66bpylFrhbWx2o-_euhyd72B0PwyRxpgMaXksauBfJlaqw==

GET
H2 200 7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 29 KB
30 KB 66ms
65ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/7plb6tndyrn9e0wljl7y8isd2k0rvgpg.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 643f8a16ac220c37763778f80d240d23842c3116d46b587d002496cc6feec1ab

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 29803
last-modified: Wed, 29 Nov 2023 15:00:15 GMT
server: AmazonS3
etag: "f1e04b8ddda372344e1359c98f9ab182"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: CsIj5HFp1-_1MbHeBgO0kNBs20_Js-KrSU46Dp2LRF7g0QtVvSHDAQ==

GET
H2 200 l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 27 KB
28 KB 76ms
74ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/l4ppk2yh956p7qjx4q3aw1gcyqzgk5bo.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fa801dedeab49955dd5f76ca45f223e486d27ad782c5959e002c1fe6150eaec

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 28006
last-modified: Wed, 29 Nov 2023 15:00:13 GMT
server: AmazonS3
etag: "652973baec139cbdfaf2aa9287f3d9a0"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: YTeXNab-QhTZX7JFuCsUW2lT6zTjg-W2uIn3iSXmI1pdLseeJ5d7Xw==

GET
H2 200 5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 26 KB
27 KB 76ms
75ms Image
image/jpeg 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/5igdnbbvwrqmpjbtqv46y4u3brh4lbjt.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef0e671e922fc0fe31a2c3482e697f3c1d08450cc95a391452adebefc1e791ed

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:16:26 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3881
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 26979
last-modified: Wed, 29 Nov 2023 15:00:11 GMT
server: AmazonS3
etag: "cbda15c12cd3a75ed207d97114e24d34"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 6MT6IFjtuH4lz1vYw3trL_qZIP2P_69GO8oo0FV4lB4AaYcbvOCKyA==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 53ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J19JFGRKPN&gtm=45je3b81v9109201154&_p=1701278466277&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=53284522.1701278466&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fuintacountyherald.com%2F&dt=Breaking%20News%20from%20your%20Local%20News%20Source%20Leader%20in%20Evanston%2C%20Wyoming%20%7C%20Uinta%20County%20Herald&sid=1701278466&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2117
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J19JFGRKPN&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 24ms
17ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J19JFGRKPN&cid=53284522.1701278466&gtm=45je3b81v9109201154&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J19JFGRKPN&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 57ms
51ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J19JFGRKPN&cid=53284522.1701278466&gtm=45je3b81v9109201154&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=492491840

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame B8BA 54 KB
17 KB 57ms
18ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Wed, 29 Nov 2023 17:36:06 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame B8BA 55 KB
10 KB 54ms
25ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fuintacountyherald.com%2F&ref=https%3A%2F%2Fuintacountyherald.com%2F&_it=amazon&partner_id=694
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01C975WVAA3JDKHJ
age: 6558
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 82dc86715d41690f-FRA
x-amz-id-2: hxb2Br8vf2uBBniSeqakgjztWKIPtATtD6bN1gV+n3Vg6mNMl2rDRQL+gF8pDyHWIII6UuGjSsI=

GET
H2 200 modules.28e3191d8757c557b4b7.js Show response
script.hotjar.com/ 227 KB
57 KB 62ms
16ms Script
application/javascript 18.173.154.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.28e3191d8757c557b4b7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-467830.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-13.muc50.r.cloudfront.net

Software

Resource Hash

77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 530400
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57395
last-modified: Thu, 23 Nov 2023 14:00:23 GMT
etag: "1ab24a53e715dcb189ab626bacc0e88b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 61UBW6H-OIUizXEUgKusO7pvGVOPKCeLxu8X0TSD-9pqHgyhDb-u8g==

GET
H2 200 03n83so79q240353r1o9nponn6r59orrplaylist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 291 B
867 B 15ms
15ms XHR
application/x-mpegurl 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/03n83so79q240353r1o9nponn6r59orrplaylist.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5931aada101730e169beb9b417f0156f5e4a58af804813543ee4537ae3c194b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:49 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 291
last-modified: Wed, 29 Nov 2023 15:22:25 GMT
server: AmazonS3
etag: "359631ee3c9519252b3480cb2810ac2a"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: -RrWUFx2crUiKumQEe9UqtD6O4ymchR4ojC-A875azM3dRxkrn4vkw==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 106ms
105ms Ping
image/gif 44.193.179.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=YN0wpIaGPS26lSSU&instance=214903750&version=7.27.3&age=231129&cmd=IMA&key=Be6nXXXs&c_id=12385&seq=1&order=4&vIndex=0&absoluteTime=2224.9&relativeTime=394.7&EXTREF=https://uintacountyherald.com/&REF=https://uintacountyherald.com/&playerCfg=BR&recoveryMethod=NONE&imaVersion=3.605.0&blocked=false&recovered=false&hasAdParams=true
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-179-92.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 bridge3.605.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E33A 752 KB
241 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 356869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246766
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 14:13:17 GMT
expires: Sun, 24 Nov 2024 14:13:17 GMT
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 144ms
80ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 17:21:06 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EEEA 40 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 29 Nov 2023 17:24:53 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ 3 KB
2 KB 123ms
68ms Fetch
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C12230023%2Fuintacountyherald-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fuintacountyherald.com%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2631244&plcmt=2&vid=3205108&us_privacy=false&cust_params=sessionKey%3D214903750-YN0wpIaGPS26lSSU%26schain%3Dstnvideo.com%2COs1rviljg-Vo7CkRLAuBsw%26content%3D8783%26placementType%3DPremium%26embed%3DBe6nXXXs%26domain%3Duintacountyherald.com%26player_size%3Dsmall%26player_width%3D1060%26player_height%3D596%26player_type%3Dbarker%26smartmatch%3Dno%26version%3D7.27.3%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D12%26uhr%3D18%26iris_id%3Diris_887d2ac77c34474a%26iris_context%3Dic_2782847%2Cic_5073780%2Cic_6902683%2Cic_7993673%2Cic_4852208%2Cic_9564594%2Cic_6367414%2Cic_3849004%2Cic_4619843%2Cic_2115263%26us_privacy%3Dfalse%26keywchk%3Dok

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

906d4f1183f60b318cf13b7027aa65a6c37a471038c1667f186b5c09d169165c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1036
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 13 KB
8 KB 89ms
89ms Fetch
application/json 54.76.85.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=277191&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fuintacountyherald.com%2F&icr_url=&va=0&time=1701278466859&up=pc&bn=chrome&bv=120&widget_width=1060&style_id=0&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.76.85.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-85-248.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

15a308b620c828610e4116027af3219be81fe3387a3cc93c0b48f30ad6c17341

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Wed, 29 Nov 2023 17:21:06 GMT
strict-transport-security: max-age=931536000; includeSubDomains
content-encoding: gzip
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 59

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%226c3f03cd-6fa8-4477-ac05-2c0f4f8da092%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22_config%252Fre... Show response
aax.amazon-adsystem.com/x/px/p/PH/ Frame B8BA 43 B
415 B 143ms
51ms Fetch
image/gif 18.173.191.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%226c3f03cd-6fa8-4477-ac05-2c0f4f8da092%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22_config%252FrequestViewerCountry%252Fdefine%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fuintacountyherald.com%252F%22%2C%22lv%22%3A%2223.1108.2350%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.191.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-191-32.muc50.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P4
x-amz-rid: Z2JR2SVWZ2YPES3QP3FZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: kZ4iQqUMFAcZJevxXL9Uu43UU3eo7sJlelChAWhDRvu29XLWduy6uw==

GET
H2 200 container.html Show response
31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E20 6 KB
3 KB 26ms
25ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:06 GMT
expires: Thu, 28 Nov 2024 17:21:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 24DF 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:06 GMT
expires: Thu, 28 Nov 2024 17:21:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 r793929p426187r860or31o150q38r0obase.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 671 B
1 KB 17ms
16ms TextTrack
text/vtt 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/r793929p426187r860or31o150q38r0obase.en.vtt
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb0f736d0d23ef584314ede0fda44f4a1dd74407a24f0041c9523e657d22d008

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 671
last-modified: Wed, 29 Nov 2023 15:24:34 GMT
server: AmazonS3
etag: "ecb95cdb9608e23438024043bc57c2a9"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: text/vtt
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges: bytes
x-amz-cf-id: DeClMCgQoXbht7NNJ4N3_vrAG66Bw26z109_hhaFixU2SG2XyjGVFg==

GET
H2 200 03n83so79q240353r1o9nponn6r59orr.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 323 B
900 B 15ms
14ms XHR
application/x-mpegurl 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/03n83so79q240353r1o9nponn6r59orr.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc4508ce72fb8c96bb9d5baee833c2c1fe358c525527a85e36a0f03bcb3a16b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:50 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 323
last-modified: Wed, 29 Nov 2023 15:22:31 GMT
server: AmazonS3
etag: "5f99535fcf9ac92569cfeaa69ac6fc17"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: I05Df8VAwQ5CKq-i42ePNTzORRIp_u9AzD4SlIm-SI_Sv8RsBAV7ZQ==

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ Frame B8BA 106 B
295 B 113ms
113ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=uintacountyherald.com&url=https://uintacountyherald.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fuintacountyherald.com%2F&ref=https%3A%2F%2Fuintacountyherald.com%2F&_it=amazon&partner_id=694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9685a4d85c81e047f2081c57b9030e743390862426250881c5bc02298adaed07

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 82dc86735c165d46-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 180ms
116ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=uintacountyherald.com&url=https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://uintacountyherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 82dc86729b2e5d46-FRA
content-length: 0
content-type: application/json
date: Wed, 29 Nov 2023 17:21:07 GMT
debug: OPTIONS block
expires: Thu, 28 Nov 2024 17:21:07 GMT
server: cloudflare

GET
H2 200 03n83so79q240353r1o9nponn6r59orr-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 366 KB
366 KB 15ms
14ms XHR
video/mp2t 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/03n83so79q240353r1o9nponn6r59orr-00001.ts
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55fcc36756ba70a18a2ec4c371d723ffbf4a24ec94eed3013566b775911caff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:51 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3976
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 374308
last-modified: Wed, 29 Nov 2023 15:22:30 GMT
server: AmazonS3
etag: "a974fe4860b13bc2663faf8e08916566"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: z8T2k-54U5Vn20_JwtJmfpCxwSZ5l02Ls943OrVhTUMLp5JKQvHaZA==

POST
H2 204 beacons
p.flipp.com/ 0
0 214ms
213ms Fetch 18.173.187.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201262364
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-21.muc50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-amz-cf-id: 4i8pkf0kslIT_sGNQ020u8UQfvHDRwuVjez_0Aiqz7neupEK-o1HiA==

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 3E20 91 KB
36 KB 121ms
16ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Origin: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231129T172107Z-5ucqxgrpc165vbnx83xxcxpm3n0000000bag000000008xhd
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3e6286f6-c01e-00c3-190e-2093fc000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2

200

c.gif
www.bing.com/aes/ Frame 3E20
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3e142b2e-b9ba-428e-b827-eb768da1073f&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=ca4f656d-8299-48b7...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=54d00a5eb98444a9a78fb69ca1db2927&SNR=1&GV=2&med=10

0
545 B

79ms
79ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=54d00a5eb98444a9a78fb69ca1db2927&SNR=1&GV=2&med=10
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F51B7D4C71F44EDEB219B4D1A7C78F21 Ref B: FRAEDGE1210 Ref C: 2023-11-29T17:21:07Z
x-cdn-traceid: 0.9ca12417.1701278467.2434f179
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 29 Nov 2023 17:21:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C636DF9144BA4BCCAE3E8BAD8647D000 Ref B: DUS30EDGE0316 Ref C: 2023-11-29T17:21:07Z
x-cdn-traceid: 0.9ca12417.1701278467.2434efc9
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=54d00a5eb98444a9a78fb69ca1db2927&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 3E20 80 KB
27 KB 60ms
21ms Script
application/x-javascript 23.213.164.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:21:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Thu, 28 Nov 2024 17:21:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3E20 3 KB
1 KB 93ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 12:41:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3E20 20 KB
9 KB 81ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:16:58 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3E20 24 KB
7 KB 79ms
15ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 497049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 22 Nov 2024 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E20 202 KB
64 KB 66ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:21:07 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A1B1 624 B
826 B 100ms
66ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNVhMBKS8JgW3odGsexPROmFEuMAwROiTaEm-Kb_Flk0P4JNye-av4xxbUVxAtIGLOuGDNJw4Ul-DhLUTPM0sJW1O3OKF0jXKq3v1K3QRIusJd2_X5tvVwriBPTfAEcq5NM1BBeo4U7DKKzKAquqWmAMbL-lahu9J2tvqIZaqgPHs4MAnaA

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:07 GMT
expires: Wed, 29 Nov 2023 17:21:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 24DF 89 KB
31 KB 95ms
93ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:21:07 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 24DF 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B2KsrE1Hyes88Fm3XD8Wv6v0j-v8jl68ZAaGKcN-WcecfjsGwXmmAlHzXVC9RyUi865isT20M-9IzGhiJzhIFqdjr_nZ6uD4zwjwAUlpupP3L8__8

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 24DF 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13114803937138007907&x=1&ct=77

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 24DF 3 KB
1 KB 92ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 12:41:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 24DF 20 KB
8 KB 82ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 24DF 202 KB
64 KB 144ms
143ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:21:07 GMT

GET
H2 200 preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js Show response
script.hotjar.com/ 190 KB
42 KB 15ms
15ms Script
application/javascript 18.173.154.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.28e3191d8757c557b4b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-13.muc50.r.cloudfront.net

Software

Resource Hash

68947e9ddb590b11f6c1250e1080ff031fb91fddae5b9d41eb307a20ae306e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 608039
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 42783
last-modified: Wed, 22 Nov 2023 16:26:24 GMT
etag: "238d00d7f9c895e9f37ab6355e0076c2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: EXD9w_Nc6Z95U0AkfRXzyCDDWKR5AFpgtpRY0LEdXe-PVnKB_heZmA==

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 104ms
40ms Fetch 54.76.85.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.76.85.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-85-248.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region: eu-west-1c
date: Wed, 29 Nov 2023 17:21:07 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7

GET
H3 200 css2
fonts.googleapis.com/ 34 KB
1 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fad08488ab9bdf68897a3a6eeb699584c94d259cf814b1f81a330964852f0274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 16:30:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 17:21:07 GMT

GET
H2 200 brandWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 65 KB
17 KB 17ms
16ms Script
text/javascript 108.138.36.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-71.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0077dda9560e1ff3171a016d7390330796612e54619094f5bafe6b5314e2eb8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 06:58:43 GMT
content-encoding: gzip
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 20:47:51 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 37345
x-amz-server-side-encryption: AES256
etag: W/"96edb70e0b7f4125d0951702526f091c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: SUjslvvdyaKNrxa6Ws_7YmTD9ilJiQvKcxHSwPlQWTiPnrPvLAnP5A==

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 30 KB
9 KB 18ms
18ms Script
text/javascript 108.138.36.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-71.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4de1e27f83eb7660e650f61a7b3cae568fff6554aabf2ece6acaaa943814bbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:16:27 GMT
content-encoding: gzip
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 20:47:51 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 25481
x-amz-server-side-encryption: AES256
etag: W/"5bfc015a2c2bfed2e72c706157a02719"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: jQvG0fOMIw1GSi2f6LYG8MsNaNx1a6VHIjjXFeDVLY2YbNqlSQ7FMQ==

GET
H2 200 feedWidget.delivery.js Show response
assets.revcontent.com/master/ 34 KB
10 KB 19ms
19ms Script
text/javascript 108.138.36.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-71.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d827fff167e3e0dd80812592a22621df80fda7610a0ed3a07ca49f94abe41e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 07:24:31 GMT
content-encoding: gzip
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 20:47:51 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 59794
x-amz-server-side-encryption: AES256
etag: W/"390f0052288a44789c8f6404c2523a7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xvW50KC5TU3YhGFTnYoRZUm8X4Yg7bn6p9Ws86gvQf0lxxg5aQoXNg==

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ 497 KB
154 KB 66ms
17ms Script
application/javascript 2600:9000:26db:2800:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:2800:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7f2d7405f0f4b893d5a21f2bf5607318c2942e8cee5922e05a00b79147dfa3b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 15:14:09 GMT
Content-Encoding: br
Via: 1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P3
Age: 7618
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 29 Nov 2023 15:14:09 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: y9YfkWuM385E3hRPG_w5LscbIqyJNqNT_LcYLo96hKNypPUhyO-Yaw==
Expires: Thu, 30 Nov 2023 15:14:09 GMT

GET
H2 200 /
img.revcontent.com/ 1 KB
2 KB 57ms
15ms Image
image/png 99.84.88.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-101.muc50.r.cloudfront.net
Software: envoy /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-rc-region: us-east-1a
date: Tue, 03 Oct 2023 17:55:57 GMT
via: 1.1 b8d6320dae849a3360537a2233718764.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 15:43:57 GMT
server: envoy
x-amz-cf-pop: MUC50-C1
age: 4922710
etag: "a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
x-cache: Hit from cloudfront
content-type: image/png
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
content-length: 1351
x-amz-cf-id: 65_xtdoacnC9kNGOAfUTeO8H1r080nHYnhuIRvvD_zYwWheBkd9gbQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame B8BA 23 B
466 B 90ms
61ms XHR
text/javascript 18.173.191.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fuintacountyherald.com%2F&pid=qoPkHyvn2LwfI&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22kv%22%3A%7B%22irisid%22%3A%22iris_887d2ac77c34474a%22%7D%2C%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2COs1rviljg-Vo7CkRLAuBsw%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.191.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-191-32.muc50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P4
x-amz-rid: 87AEHP2HEKG6F2CA3JNR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: JqT8JnsRATit2W0I6p2jG1CFfGc3I0LX9e4AZ-AslPuw4vTUxCeV4Q==

GET
H2 200 widget-rtdx.php Show response
japfg-trending-content.appspot.com/ 5 KB
2 KB 516ms
467ms Script
text/html 2a00:1450:4001:80b::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.appspot.com/widget-rtdx.php?s=10236
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f7a6e6a2338db74b1a1ebba51aac8e37d1f0e78af0f133d30499a9bc57d810c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/ 131 KB
29 KB 59ms
25ms Script
text/javascript 2606:4700:4400::ac40:90a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6JN5TJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fce1a98db0531c27cfef47e2bfff90b511ad1a946d72d9eb92f125d256d7227d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 12:58:35 GMT
server: cloudflare
x-amz-request-id: D8F42QTB173TMATX
age: 698
etag: W/"ced8514fa2935267704e458f3799b321"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 82dc86732e565b68-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sYFxaEU6YcyEMS+K7Pngp5sezHPZmdnXcM6WZYgk6ywHqN9sOq9QoI2DhFRzTU9l2ePDVe+SVfM=

GET
H2 200 03n83so79q240353r1o9nponn6r59orr.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 323 B
900 B 15ms
15ms XHR
application/x-mpegurl 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/03n83so79q240353r1o9nponn6r59orr.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac71735f39c340f7bcc05497dc26ffadb3ac700a3aa990d71da86ca182464903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:53 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3975
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 323
last-modified: Wed, 29 Nov 2023 15:22:31 GMT
server: AmazonS3
etag: "cdd9dbeba1323ed036b7e859a2297243"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: MI8kYmKnN3yMEIZEWe0b2lqi1w9v4yZ_1UMRKKtgrqSoMuZLUokryA==

GET
H2 200 font-hotjar_5.65042d.woff2
script.hotjar.com/ 2 KB
3 KB 44ms
15ms Font
font/woff2 18.173.154.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/font-hotjar_5.65042d.woff2

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-13.muc50.r.cloudfront.net

Software

Resource Hash

fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://uintacountyherald.com/
Origin: https://uintacountyherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 7666307
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 01 Sep 2023 09:38:54 GMT
etag: "c9fb9163f8b7be37023ebe649688bebf"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-robots-tag: none
x-amz-cf-id: dTaGB2HRAbLLHPIMR3KMeBqY7JWRojXJD4JZ6QBhgDD0mleoFx-9Kw==

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame A1B1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1

43 B
345 B

35ms
35ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNVhMBKS8JgW3odGsexPROmFEuMAwROiTaEm-Kb_Flk0P4JNye-av4xxbUVxAtIGLOuGDNJw4Ul-DhLUTPM0sJW1O3OKF0jXKq3v1K3QRIusJd2_X5tvVwriBPTfAEcq5NM1BBeo4U7DKKzKAquqWmAMbL-lahu9J2tvqIZaqgPHs4MAnaA
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSGe%2F5HGkfGPVwBy8KV%2FWFzEk6Kz6TMhEEroLv87QcGbQhFbZ2YpEOP83VgIp3zdTPwLi1FP7MqkaUhXMBJMDHO2ThMr4Q9Zk4Wu%2FdIiNg5%2Bu%2Frto%2FXq0JDXJWR1b6Gz1qMnfIBi%2FyXUMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dc8673ab3118db-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A1B1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1

43 B
771 B

43ms
43ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNVhMBKS8JgW3odGsexPROmFEuMAwROiTaEm-Kb_Flk0P4JNye-av4xxbUVxAtIGLOuGDNJw4Ul-DhLUTPM0sJW1O3OKF0jXKq3v1K3QRIusJd2_X5tvVwriBPTfAEcq5NM1BBeo4U7DKKzKAquqWmAMbL-lahu9J2tvqIZaqgPHs4MAnaA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=of2CGT9p4ICnRK7lmlULwsBI%2FZVFP3vQMO2Sdlb8R4I2nbEk48ejMx3rov0P0eSDN%2FyARKkBfNpYZanX4oSh7u%2BxSnFfz%2Bg5Ak8tBeF0und8AWH7v%2F9ELMTQqZ0sSXoSvDbsj0mXsksMdw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dc86749f56bb85-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A1B1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGQ2zwI1_J8A8swFX-5e764&google_cver=1

43 B
840 B

19ms
18ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGQ2zwI1_J8A8swFX-5e764&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNVhMBKS8JgW3odGsexPROmFEuMAwROiTaEm-Kb_Flk0P4JNye-av4xxbUVxAtIGLOuGDNJw4Ul-DhLUTPM0sJW1O3OKF0jXKq3v1K3QRIusJd2_X5tvVwriBPTfAEcq5NM1BBeo4U7DKKzKAquqWmAMbL-lahu9J2tvqIZaqgPHs4MAnaA

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
an-x-request-uuid: c59ad738-7121-40ae-ad9c-43e3e0924dc2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGQ2zwI1_J8A8swFX-5e764&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A1B1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyMzExMjc3NjQyODQxMTYyMQ%3D%3D

170 B
243 B

26ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyMzExMjc3NjQyODQxMTYyMQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
an-x-request-uuid: eade77b9-7c4e-4f35-95f8-68e71e71dd36
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyMzExMjc3NjQyODQxMTYyMQ%3D%3D
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 216ms
67ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://uintacountyherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://uintacountyherald.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Wed, 29 Nov 2023 17:21:07 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame B8BA 173 B
473 B 184ms
12ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0_trade_desk_33accross_intentiq/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ae2557724830f95907a8313966db803e18f041d706e1fe5a6bb408d901642d87

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.3.0
Content-Type: application/json
access-control-allow-origin: https://uintacountyherald.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 169
Expires: 0

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame B8BA 0
169 B 295ms
164ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0_trade_desk_33accross_intentiq/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://uintacountyherald.com
pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame B8BA 19 B
547 B 41ms
10ms XHR
application/json 52.59.93.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fuintacountyherald.com%2F&tmax=3000

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0_trade_desk_33accross_intentiq/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.59.93.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-93-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status: 16
content-type: application/json; charset=utf-8
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B8BA 0
117 B 110ms
20ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0_trade_desk_33accross_intentiq/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://uintacountyherald.com
date: Wed, 29 Nov 2023 17:21:05 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 hb Show response
hb.undertone.com/ Frame B8BA 0
522 B 183ms
123ms XHR
text/plain 18.173.154.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3590&domain=uintacountyherald.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0_trade_desk_33accross_intentiq/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-71.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
via: 1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://uintacountyherald.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-amz-cf-id: LaZG9sSbRKrdE9yZw2A-uS7Tg_AYcvjDpedlfumvEFXnAVGvceFRaw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame B8BA 37 B
552 B 57ms
35ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=438214
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0_trade_desk_33accross_intentiq/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e26b433613fc5167d5dabf7fb0d72514e575cbcebc0078e2cc58dc29b7b4e2

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFZUah%2FiCRZiGyf4FIGyFiHnpVtG%2FDCn3AM0%2B2jxttimgnwBHX%2FdB3y5cfy892GmuX5wCgmlqlg0BCEWMLU8YqryWsXj4hEZTgII5wzVQdEVeIcNz5stQp4SsIvqOQMunDUfriZj"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82dc86737d194d3a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame B8BA 19 B
588 B 26ms
10ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0_trade_desk_33accross_intentiq/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
an-x-request-uuid: 0b736fb4-4e99-4001-8c4e-b6bebc3653db
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 64f9a5bb888212-37359274.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 21 KB
22 KB 75ms
31ms Image
image/jpeg 99.84.88.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/64f9a5bb888212-37359274.png

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-15.muc50.r.cloudfront.net

Software

cloudflare /

Resource Hash

d1a2da045d78c4ed73d71581e1607e7ea958d598ff919dfb7fb72d53fb18b43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Sun, 26 Nov 2023 09:52:49 GMT
x-content-type-options: nosniff
via: 1.1 24d97ac79c66f25c7df0732cb86ef322.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 286098
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 21668
last-modified: Thu, 07 Sep 2023 12:23:45 GMT
server: cloudflare
etag: "bf2c86c633d37454e6b075514d4799e2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 826a1da1495d387d-IAD
timing-allow-origin: *
x-amz-cf-id: OamrCjXaP0WrZ1LFSUVRwkfPepf_CpmWDJY-NCeRje3SWtZOrPqcGA==

GET
H2 200 795a02aecde80d5c65320603c05af1db.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 18 KB
18 KB 70ms
29ms Image
image/jpeg 99.84.88.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/795a02aecde80d5c65320603c05af1db.jpeg

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-15.muc50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

da1b94b16cc73ab273a2c57777f6023480e0c24e607e48233a47ca6ecaa2d058

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Mon, 27 Nov 2023 14:24:04 GMT
x-content-type-options: nosniff
via: 1.1 24d97ac79c66f25c7df0732cb86ef322.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 571299
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 18291
last-modified: Tue, 19 Sep 2023 17:40:44 GMT
server: Cloudinary
etag: "cccba623fd66e8aa63515510f92791f6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Yz1JBnJQpMTEhw9HWY52tgIRwT28CW6Fol9l19q3i5QEnml64ceSEQ==

GET
H2 200 a3c1d386abdc2e71f189bd56ec60e462.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 12 KB
12 KB 58ms
18ms Image
image/jpeg 99.84.88.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/a3c1d386abdc2e71f189bd56ec60e462.jpg

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-15.muc50.r.cloudfront.net

Software

cloudflare /

Resource Hash

d913144f69807246e27404060909e5ee9cf740eead3adf1db3a6d1bb1805e03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 11:23:18 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 24d97ac79c66f25c7df0732cb86ef322.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 107869
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 11909
last-modified: Tue, 28 Nov 2023 11:14:45 GMT
server: cloudflare
etag: "bf890ade9f4bfecae1e98f71c7139038"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 82d23cedf8277007-IAD
timing-allow-origin: *
x-amz-cf-id: ruxmUfm3HMWZrQ9akodOGxWskED0A4b8SFIzkplKpWAKVwN9SkRVIw==

GET
H2 200 43a51d6c817703425c59c00f0d61b9d2.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 10 KB
10 KB 54ms
16ms Image
image/jpeg 99.84.88.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/43a51d6c817703425c59c00f0d61b9d2.jpeg

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-15.muc50.r.cloudfront.net

Software

cloudflare /

Resource Hash

f58e6745de6de51a1ed7252fc74c7a0d13a570034fd45e12336f0c40b0ebdb1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Sat, 25 Nov 2023 08:23:01 GMT
x-content-type-options: nosniff
via: 1.1 24d97ac79c66f25c7df0732cb86ef322.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 568790
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10102
last-modified: Thu, 05 Oct 2023 14:37:40 GMT
server: cloudflare
etag: "d39ba77532848a2a55589265a18f807f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 8230874d280020bd-IAD
timing-allow-origin: *
x-amz-cf-id: 83UiSa4l3Ttc2aPoWifdhF8WGWkEHLmoL7d2ShLHLUkvhLU-b4sdwQ==

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 24DF 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5986778155533&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 24DF 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5986778155533&version=m202309260101&ct=77&x=1&cor=13114803937138008000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 24DF 20 KB
14 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuALTiiXLsN6C0McnsSLIvAmHO7iLgnHupoCWJwzddgWjpM8S42oy8GJS89Ip5zzscnZawRAdXCndPgMeiDptoKhpqey8srbsYIDtED7xU_zy11f8ztLunImgF5a6cAZxRoriiiBOiito_0W6T8SDV21unZwxEAIESdWa5aomFfDjklCI&cry=1&dbm_d=AKAmf-BawdwnbpnKakXe8ybm9TOPZt_8pfKmlGPRfXAw4-CuIC2av4WTkmbYlinLOljjxTdkuMWrIWhJ7DMgoMzYwQdi6Jdz8E1blnCCXXt993QHyh_sYRbbKq8lP6ukreA58r4n-1cJBHcc3g_VukyN4rpF8NonavTvmvtbl_h2WImGHg2w-WlUBqMut5a4FLsvztiz3_R3-OOWzYk7hFXTIOcaSTJCzh7hLb3ysurAq1jJJyMYqv_OgCDmIOuTwb69fBbIAL0lLDCy0Yd0SA488HsiXbbyhiEy59Wf-bdEyQOwZ2TakIm75w-5urED-TVH6Ux8ykhUnMYk_v9g-VZHmyBcDzMqL4H_JHfLvuBTSWGVFA5rHLJsfRNa064nIdrEmCrkia05mFRmRdFuCv9mcHID7C5hCgreE8M2u5ycFbbqeTgo-1-RVLpgOyqIIiNHoFZMqvvaUQ2nn-Cvxekd-AaDujMPS-sBPbspfKLpz2_BHYUX911P9IUlAQRFtg6NoTSeJcX-fZFCm_1Sum4Nw43VchgNxGu2ZkmEv1YqDzq9bcvYslPZkz-MIX8GcP8dv4oMDTt3MkU1GwjSqfjb94Y85hvfSpmLgbV-SYq5Xs9CqsVXfKXMGvQ33a82vkWBNAZpfYG00CMN02GwCkNBu5OTKSk1U6nIOcJj_XY6HwMRFbOoKBjDW-3HbOi3vT6zhpzVEHwNf9-fs2qqCM5tUXJ7MMhHpG7OjihIl7dKNqZk6CBGUt2LJqbhE1z-0lH4uHEBK7icgePa0Xt9erdEXrJLfB2hlzBiRStn9RWz4rpyeWHgm_ZwDIh84naAP3stZJGpZTfbDaDDO91SYs3ZrlfZZfan_AFBpXFUD--hbRX8FizBvW5jGDMGcGtsxpWm8-cx0rH6muDotie-wkcE5b5zwvwwoB4ofjRmSWTeZB7Jr-0rAu4pKa_AqRvx5BCifptQM_zpGbx7UJc5d7Komx36ORbAiIUHlDx7lLyTMNb9Tj-37SozH47npb5eNGeVppQWLx6HqwHB1AgipSWouaUAYp4SqXBzU7we5cqp2b3vlSjsfKWJhbQCE-EdYGZvTbuDFCoYjPBV59WQZiAgLgX8yj6b2_SGhQjjvcgv7b4b3dm_h636VqTvnLrVNeUfSRjOfbukHvn75soeGXw8JNL-KE5R6pXRYHIzpU3e7AINNnQ31WjfuWkHRr9gjOqdFbr0QQB2Z93yzLr9hRw9Fc8GAU2tBtq4n_uH-S0Imt1X1R_N0QZ3zX0QeSQmxk82Sk8panJFTKfy0ZvaOVv94MioguHYN0xjetyg4wDBu8KTIQQIEgOSjgza646zC-pO6JGLw6on4KnC5HC6Jp5sD5zEQI3pjk2ZjZ2eoN5RT_rPEXZQt1vV3jUsJMh1gYAgFU97fitFoC6_nw7DP35frPTY4jia2A3ldDWNtHJ3Syzcv3E7532iMzYdUy-3euNJMAGc8z9FWh-1u-wKK-7tFkIxl17qBoPdbaLXWbxGk4f2iWlpwmfIf0WfbAJNUkToVxEnk5Z9Khd-fg1I8juElwVikc7u08_G0f5wBG3dwuE9qO3QEZDuHfwARWEolBAM4fmpqDPOY3BTdNvvy5WnrfFZQUXWYN7TkiXUtGq69B3fFzwlMYRYE07VkbME7MfS18FUPS4kysUn7DMBUBDizwFIGJ21xCKlf1jACbk_1kJOoDEt9PdDlnfD2sAIarXKNNsSsJR3FkxOXW52hemSU1NJSupX5w7EaWs8_GLbHWpR_psui0tK2hGWMsoAOW8jauuZ6fvfdPczE7YiAv5ir-mLbDPb_plh7afQ8KgdiOh2FmBTAAXzXyBYF-ctQzCfb97MTN_u2TmFAoszN1KRR11x_V8ojHinofAkXHEhi1k_4JEx55TmixYzfE6S8fiHErmw7sXNwPfwzgqD7ptS9M3wPv4j6g7LlbqWnD9T3M5e3V15Zds0iz9Sgui6hMaksN_aeA5HifjapXg3G1gy4EF14lQXw6j1J8z3cQ5B5fDMu5aEGv43zkJCoM-0I1SYJ5Ui98ZvcXiPVDO-3mZrRJMYFwbCAb-AsmkYUonuGVz9J_wQ5rnkh6pv4tVP2mq0unqYTXiJSuQlP1yuLN-QHBTD61_k88j3NYRRHfyyKYdZE1Cw3XezUEWYkapnUgWua97rGLB2m94DUAlLs-JMAQErvlqdb2JqITd9yzQVIYxpQcSDy6y6D_z3tqeZ7mrtn-QywdBh2GuG5uWP5qOjnMS3Ht9rTw-lDGO088c2Lpk3Xcaz6GjCxAToF-NJTKirUiQaixsAG2eIJLtMgNyD7paprUpNeiHGcauFxQocj7Fy3LiUvyC2LktyYEoDdqiD2g8Vn7GpRQDRZKCLrX6VrNjjVX_JYHtWQxnb3ITtdPsIxLGTERCqkvVdHC0ehPbDvt_hIYyOxWwU604qNo5s2dmARph3AaB-OFGOAAER4uFKQu-2StYwSUuzeGKr9vd01ETAIFOfhIuhwXX9tpVihlO8lGPjGC9Nu6XlXF6Q9RxUQrcAunRzBQVs2BVTYLCI6f5bmnfubPNW0pO68ekpIuhop8o4SOLHTcUBxyhKqJLQf-Wak1lwS4TEk4UgBlYidyOA6eWH_rFcditFAPb6DRIZq3CY5t-BBNtpw45hnka5-z43VdT5S_1Mq8MfGjNzaSmFQ8BDcqsBNV6UuiF4w_MOFCMVizhHA--MT6iFYq13bzz52cXWXkfzou6eExj5dHVOTkgRV-LGVloMKtViCGkCptR_PH_NmpyadJSz64Iad1b8dV7z8vru-bHbWLsRGrfqf-1IKMGItcWeQg87NZhJGyvnufAvDS0amRd-n0uBJ5FrBC08TR0g0jYjv-EfgsDZO6iKbOnAhhSoCCZE4ZHcyxflpmEDkdLAAIp6eqAuGHQhSNDAZMboijlHfL8-SemuehI-QHRMUq2yQTSJdKebSXCwiYafaGERPqtCv4tedpAVet3H-v0R10wzE3PEYY_r8-v4bW6y6VR8J5-WyQjGoOwQ9UpfuWgtZCebE-2rvYQfBm11j2mRxSK_Z9B0cE6ZO3jy4qgqN8KmtrfVvbUg-RhzBWuBoOUi6In5zofEdA11EYFUq3-8CLtItHyBwYNV3kpYrjzgtCxgHNZs9paIPw2tnCrrLYE9WZ3DZ2tpXuzJqC3cplaLGJVLu8-4Uxperl-858zwaIRSsmnL3-0c3B6fZbf4vvs8_UK8_ZFbTEIejxH5vIP2xbTWSpMpaJNjv9KMdWNJeSjRPUZRd_ue72a5wmst-WtrscR96wjhhhTawgwFQLAZOTtCk5cBKlhBizMDE3DyqThcagTtdvFi0JoHxb12r6QPwzhirswBDJp8GwxCVCD9VZwiWFhrHrtp4QtNDcAiDxx9WzguX1-Im_wZYYq4ydfty9ehVXRBh7GSCblDuw_qyL10LX4-kEPhr4jB--5zuvNvt9LPM8Ft2-Oe_n5FCPw8RfTWuP5PIyeXzHQGG6X3XqyzMhztpVWem87rWXcBcdg2rZ1JGd3B2mdoyC5SY3w7P-R53GqdpyvIMg0-l5_jGskoqFWtLWgRom6tE9uin0xqoIV7Xs8qNbBrSB1bHurW7zFhXlGdLyu0XbaaoOkZKCyaOatrfIj59rZFrbUcqUgm44MAjmvliRU_vVLcZ01T5Ej0077ZHehSBfiiCjJ6ZoRizfpfk5bQH5mXWnf545_kZtUP2IqJ8bz4Mna1YtduoZDa5FlrQUSmO4dEWs1hWfLrK1gDNNpp0DHliIItb-10GYNUsTdpnyfGazByskXuZ6fGA38YAiZ7A46lphZxiS7xBSha6Vz46j9DHweFQy0W0R_A_B-0v7rLGOVsf1wX7cLk9VwAg-7pBjJpRRynfYJ_jaRihpFYqGcE8HR0Ne0GZENeBusXi32FIQTZYiflBpMUrfMENPLXgeip9br3EBqkXJFhos8BIN0XrHLN2jYrt9KD-JmzovV4F07MTbZ9-ddzHttC2D6AsLEPkd46EQoCycQo7iLjC-zUEQPWRwVEqekY7XUVZKi-jX38vYS7Pq_BHvzl6yDneW6zS5y5htd1yke4jrtPMeGy&cid=CAQSTwDICaaNf9hJraJQNyvMzWAbM4E9GrNjAEMHzI5jTaHKLWA23IXjuBuOZjjuHwbRELNHblf-PfkN1L8D5HnVz2RXwTVUUXhxOM_9PO4LxgMYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fuintacountyherald.com%2F&ds=l&xdt=1&iif=1&cor=13114803937138008000&adk=2228999115&idt=112&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d206510a4f660aaa9f13e6c49612cf0373b7f99bedc62d276a1150e6ff7513a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13916
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 50 B
602 B 547ms
154ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=MaERqapKFzogwfyvUnuhPOIxeXLlIDws-FE7fPshldVrrKD4c033IF0jB-E03BPc9ga1rmPw==&pm_ct=fc1803a924c32ea6aaefc8ee&pm_pl=1701278467158&pm_td=7&pid=1000177&en=1.1&callback=__pm_glbl_YQmXZVv3gLX4M8dIYkSop0kv._gc1&tt=opt&v=d54c666
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 058330e592e9d931835d1d504b3fd862db0fbac26115cf1e72140ed35a2c9b49

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 17:21:07 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://uintacountyherald.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 50

GET
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame 77CC 73 KB
25 KB 16ms
16ms Document
text/html 2600:9000:26db:2800:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?v=d54c666&pid=1000177
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:2800:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3ad9460bba5e6421edd709753d9d1aced917ab199d3d76efb58af8288fcca575

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 7618
Cache-Control: public, max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Nov 2023 15:14:09 GMT
Last-Modified: Wed, 29 Nov 2023 14:28:08 GMT
Transfer-Encoding: chunked
Via: 1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
X-Amz-Cf-Id: fHbvCqnQ1eYJEYqpBqdW_eWrpV8OgIvPE-znd09EdQhn6FgC-mKPLw==
X-Amz-Cf-Pop: MUC50-P3
X-Cache: Hit from cloudfront

GET
H3 200 th
www.bing.com/ Frame 3E20 14 KB
14 KB 20ms
20ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215898042300_1R7CU2659CV8KJ5JKR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c8d717c76b14aad6c4fd6c99b7fe803e15a53537cba081a433c8e94b0ac74ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9ca12417.1701278467.2434f8ff
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 14089
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 264 KB
84 KB 23ms
23ms Script
application/javascript 2606:4700:4400::ac40:90a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 16:04:16 GMT
server: cloudflare
x-amz-request-id: BTJG2Y59E7RY7DNG
age: 1524119
etag: W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82dc86747f765b68-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: qzCbakWPNuHizvAS7A+GNvYhsqG5DrlIr+CgAUCMKTGvVeq9odjO7RbW/D6dEqCXiCKz5Y5BAVk=

GET
H2 200 diberp-tcx-v7.13.0.js Show response
www.americanhometownmedia.com/static/ 328 KB
103 KB 178ms
18ms Script
text/javascript 34.120.58.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 62.58.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:37:00 GMT
content-encoding: gzip
age: 1194247
x-guploader-uploadid: ABPtcPpSmedmNl8MNFvkkOkmJVYxMdBeOyRIHfzjw56jg2UhTI_hjfTbY1advgdOjYpoatOhgFl2p5ZfRh05wuMM9QopuFK8vzgu
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104504
last-modified: Mon, 29 Aug 2022 14:20:21 GMT
server: UploadServer
etag: "f085c7609fb7c47fb72fd768d721373e"
vary: Accept-Encoding,Origin
x-goog-generation: 1661782821233427
x-goog-hash: crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type: text/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 104504
accept-ranges: bytes
expires: Thu, 14 Nov 2024 21:37:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
29 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae5b80e9d3981cd2c220de12b4a9d96d6897e0021f930fb7bbe2b1178af23d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30015
x-xss-protection: 0
server: cafe
etag: 56 / 19690 / m202311150101 / config-hash: 3080115608911758694
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:21:07 GMT

GET
H2 200 694 Show response
a.ad.gt/api/v1/u/matches/ Frame B8BA 12 KB
4 KB 76ms
26ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fuintacountyherald.com%2F&ref=https%3A%2F%2Fuintacountyherald.com%2F&_it=amazon&partner_id=694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 703b6590a492ed5252e8a6fcbb5c2eddef1b5464af3282391b7e42317f6980fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 17:19:37 GMT
server: cloudflare
age: 90
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 82dc8674dcce927d-FRA

GET
BLOB 200
OK bbde6bb3-2d4b-48f6-8d6c-ed41ca9c0ad7
https://uintacountyherald.com/ 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://uintacountyherald.com/bbde6bb3-2d4b-48f6-8d6c-ed41ca9c0ad7
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 3E20 0
649 B 60ms
14ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fuintacountyherald.com&e=wqT_3QKNBOgNAgAAAwDWAAUBCILmnasGEN6l8fiiyK_ZahgAKjYJ9aY_nUbulT8RsDg6pO9YlT8ZAAAAIIXr9T8hsA0SACkRJNAxAAAAANejwD8wl-PiAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR49_MFgAEBigEDVVNEkgUG8FWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBFzEtdWludGFjb3VudHloZXJhbGQuY29t2ALwBuACoqgx6gIdaHR0cHM6Ly91aW50YT4pAPBYgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDv85E4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQF4VSIBQGYBQCgBbWHs8Pzo_DrYcAFAMkFIRMcAADwP9IFCQkJDHgAANgFAeAFAfAFvfMp-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB_fzBdIHDRVlASYI2gcGAV6kGADgBwDqBwIIAPAHieMCiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=f62789b0145facb5d9554621bca8a5f8c001aa76&bdref=https%3A%2F%2Fuintacountyherald.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fuintacountyherald.com%2F,https%3A%2F%2F31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
an-x-request-uuid: 8b48fbf1-cce3-409a-9292-3889f8f1d095
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.136; 178.162.209.136; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 24DF 41 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuALTiiXLsN6C0McnsSLIvAmHO7iLgnHupoCWJwzddgWjpM8S42oy8GJS89Ip5zzscnZawRAdXCndPgMeiDptoKhpqey8srbsYIDtED7xU_zy11f8ztLunImgF5a6cAZxRoriiiBOiito_0W6T8SDV21unZwxEAIESdWa5aomFfDjklCI&cry=1&dbm_d=AKAmf-BawdwnbpnKakXe8ybm9TOPZt_8pfKmlGPRfXAw4-CuIC2av4WTkmbYlinLOljjxTdkuMWrIWhJ7DMgoMzYwQdi6Jdz8E1blnCCXXt993QHyh_sYRbbKq8lP6ukreA58r4n-1cJBHcc3g_VukyN4rpF8NonavTvmvtbl_h2WImGHg2w-WlUBqMut5a4FLsvztiz3_R3-OOWzYk7hFXTIOcaSTJCzh7hLb3ysurAq1jJJyMYqv_OgCDmIOuTwb69fBbIAL0lLDCy0Yd0SA488HsiXbbyhiEy59Wf-bdEyQOwZ2TakIm75w-5urED-TVH6Ux8ykhUnMYk_v9g-VZHmyBcDzMqL4H_JHfLvuBTSWGVFA5rHLJsfRNa064nIdrEmCrkia05mFRmRdFuCv9mcHID7C5hCgreE8M2u5ycFbbqeTgo-1-RVLpgOyqIIiNHoFZMqvvaUQ2nn-Cvxekd-AaDujMPS-sBPbspfKLpz2_BHYUX911P9IUlAQRFtg6NoTSeJcX-fZFCm_1Sum4Nw43VchgNxGu2ZkmEv1YqDzq9bcvYslPZkz-MIX8GcP8dv4oMDTt3MkU1GwjSqfjb94Y85hvfSpmLgbV-SYq5Xs9CqsVXfKXMGvQ33a82vkWBNAZpfYG00CMN02GwCkNBu5OTKSk1U6nIOcJj_XY6HwMRFbOoKBjDW-3HbOi3vT6zhpzVEHwNf9-fs2qqCM5tUXJ7MMhHpG7OjihIl7dKNqZk6CBGUt2LJqbhE1z-0lH4uHEBK7icgePa0Xt9erdEXrJLfB2hlzBiRStn9RWz4rpyeWHgm_ZwDIh84naAP3stZJGpZTfbDaDDO91SYs3ZrlfZZfan_AFBpXFUD--hbRX8FizBvW5jGDMGcGtsxpWm8-cx0rH6muDotie-wkcE5b5zwvwwoB4ofjRmSWTeZB7Jr-0rAu4pKa_AqRvx5BCifptQM_zpGbx7UJc5d7Komx36ORbAiIUHlDx7lLyTMNb9Tj-37SozH47npb5eNGeVppQWLx6HqwHB1AgipSWouaUAYp4SqXBzU7we5cqp2b3vlSjsfKWJhbQCE-EdYGZvTbuDFCoYjPBV59WQZiAgLgX8yj6b2_SGhQjjvcgv7b4b3dm_h636VqTvnLrVNeUfSRjOfbukHvn75soeGXw8JNL-KE5R6pXRYHIzpU3e7AINNnQ31WjfuWkHRr9gjOqdFbr0QQB2Z93yzLr9hRw9Fc8GAU2tBtq4n_uH-S0Imt1X1R_N0QZ3zX0QeSQmxk82Sk8panJFTKfy0ZvaOVv94MioguHYN0xjetyg4wDBu8KTIQQIEgOSjgza646zC-pO6JGLw6on4KnC5HC6Jp5sD5zEQI3pjk2ZjZ2eoN5RT_rPEXZQt1vV3jUsJMh1gYAgFU97fitFoC6_nw7DP35frPTY4jia2A3ldDWNtHJ3Syzcv3E7532iMzYdUy-3euNJMAGc8z9FWh-1u-wKK-7tFkIxl17qBoPdbaLXWbxGk4f2iWlpwmfIf0WfbAJNUkToVxEnk5Z9Khd-fg1I8juElwVikc7u08_G0f5wBG3dwuE9qO3QEZDuHfwARWEolBAM4fmpqDPOY3BTdNvvy5WnrfFZQUXWYN7TkiXUtGq69B3fFzwlMYRYE07VkbME7MfS18FUPS4kysUn7DMBUBDizwFIGJ21xCKlf1jACbk_1kJOoDEt9PdDlnfD2sAIarXKNNsSsJR3FkxOXW52hemSU1NJSupX5w7EaWs8_GLbHWpR_psui0tK2hGWMsoAOW8jauuZ6fvfdPczE7YiAv5ir-mLbDPb_plh7afQ8KgdiOh2FmBTAAXzXyBYF-ctQzCfb97MTN_u2TmFAoszN1KRR11x_V8ojHinofAkXHEhi1k_4JEx55TmixYzfE6S8fiHErmw7sXNwPfwzgqD7ptS9M3wPv4j6g7LlbqWnD9T3M5e3V15Zds0iz9Sgui6hMaksN_aeA5HifjapXg3G1gy4EF14lQXw6j1J8z3cQ5B5fDMu5aEGv43zkJCoM-0I1SYJ5Ui98ZvcXiPVDO-3mZrRJMYFwbCAb-AsmkYUonuGVz9J_wQ5rnkh6pv4tVP2mq0unqYTXiJSuQlP1yuLN-QHBTD61_k88j3NYRRHfyyKYdZE1Cw3XezUEWYkapnUgWua97rGLB2m94DUAlLs-JMAQErvlqdb2JqITd9yzQVIYxpQcSDy6y6D_z3tqeZ7mrtn-QywdBh2GuG5uWP5qOjnMS3Ht9rTw-lDGO088c2Lpk3Xcaz6GjCxAToF-NJTKirUiQaixsAG2eIJLtMgNyD7paprUpNeiHGcauFxQocj7Fy3LiUvyC2LktyYEoDdqiD2g8Vn7GpRQDRZKCLrX6VrNjjVX_JYHtWQxnb3ITtdPsIxLGTERCqkvVdHC0ehPbDvt_hIYyOxWwU604qNo5s2dmARph3AaB-OFGOAAER4uFKQu-2StYwSUuzeGKr9vd01ETAIFOfhIuhwXX9tpVihlO8lGPjGC9Nu6XlXF6Q9RxUQrcAunRzBQVs2BVTYLCI6f5bmnfubPNW0pO68ekpIuhop8o4SOLHTcUBxyhKqJLQf-Wak1lwS4TEk4UgBlYidyOA6eWH_rFcditFAPb6DRIZq3CY5t-BBNtpw45hnka5-z43VdT5S_1Mq8MfGjNzaSmFQ8BDcqsBNV6UuiF4w_MOFCMVizhHA--MT6iFYq13bzz52cXWXkfzou6eExj5dHVOTkgRV-LGVloMKtViCGkCptR_PH_NmpyadJSz64Iad1b8dV7z8vru-bHbWLsRGrfqf-1IKMGItcWeQg87NZhJGyvnufAvDS0amRd-n0uBJ5FrBC08TR0g0jYjv-EfgsDZO6iKbOnAhhSoCCZE4ZHcyxflpmEDkdLAAIp6eqAuGHQhSNDAZMboijlHfL8-SemuehI-QHRMUq2yQTSJdKebSXCwiYafaGERPqtCv4tedpAVet3H-v0R10wzE3PEYY_r8-v4bW6y6VR8J5-WyQjGoOwQ9UpfuWgtZCebE-2rvYQfBm11j2mRxSK_Z9B0cE6ZO3jy4qgqN8KmtrfVvbUg-RhzBWuBoOUi6In5zofEdA11EYFUq3-8CLtItHyBwYNV3kpYrjzgtCxgHNZs9paIPw2tnCrrLYE9WZ3DZ2tpXuzJqC3cplaLGJVLu8-4Uxperl-858zwaIRSsmnL3-0c3B6fZbf4vvs8_UK8_ZFbTEIejxH5vIP2xbTWSpMpaJNjv9KMdWNJeSjRPUZRd_ue72a5wmst-WtrscR96wjhhhTawgwFQLAZOTtCk5cBKlhBizMDE3DyqThcagTtdvFi0JoHxb12r6QPwzhirswBDJp8GwxCVCD9VZwiWFhrHrtp4QtNDcAiDxx9WzguX1-Im_wZYYq4ydfty9ehVXRBh7GSCblDuw_qyL10LX4-kEPhr4jB--5zuvNvt9LPM8Ft2-Oe_n5FCPw8RfTWuP5PIyeXzHQGG6X3XqyzMhztpVWem87rWXcBcdg2rZ1JGd3B2mdoyC5SY3w7P-R53GqdpyvIMg0-l5_jGskoqFWtLWgRom6tE9uin0xqoIV7Xs8qNbBrSB1bHurW7zFhXlGdLyu0XbaaoOkZKCyaOatrfIj59rZFrbUcqUgm44MAjmvliRU_vVLcZ01T5Ej0077ZHehSBfiiCjJ6ZoRizfpfk5bQH5mXWnf545_kZtUP2IqJ8bz4Mna1YtduoZDa5FlrQUSmO4dEWs1hWfLrK1gDNNpp0DHliIItb-10GYNUsTdpnyfGazByskXuZ6fGA38YAiZ7A46lphZxiS7xBSha6Vz46j9DHweFQy0W0R_A_B-0v7rLGOVsf1wX7cLk9VwAg-7pBjJpRRynfYJ_jaRihpFYqGcE8HR0Ne0GZENeBusXi32FIQTZYiflBpMUrfMENPLXgeip9br3EBqkXJFhos8BIN0XrHLN2jYrt9KD-JmzovV4F07MTbZ9-ddzHttC2D6AsLEPkd46EQoCycQo7iLjC-zUEQPWRwVEqekY7XUVZKi-jX38vYS7Pq_BHvzl6yDneW6zS5y5htd1yke4jrtPMeGy&cid=CAQSTwDICaaNf9hJraJQNyvMzWAbM4E9GrNjAEMHzI5jTaHKLWA23IXjuBuOZjjuHwbRELNHblf-PfkN1L8D5HnVz2RXwTVUUXhxOM_9PO4LxgMYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fuintacountyherald.com%2F&ds=l&xdt=1&iif=1&cor=13114803937138008000&adk=2228999115&idt=112&cac=0&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTI3ODQ2NzE2NTA2MQogIHNlcnZlcl9pcDogMTI2MDY0MTU3CiAgcHJvY2Vzc19pZDogMjYzNDg5NjQyOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 24DF 0
859 B 114ms
50ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTI3ODQ2NzE2NTA2MQogIHNlcnZlcl9pcDogMTI2MDY0MTU3CiAgcHJvY2Vzc19pZDogMjYzNDg5NjQyOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxOTk5NzQ5NTM3NTk3MjUyMjk4CmRlYnVnX2tleTogMTAyMDg5NjY4MzA1MDkwODIxNjgKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTI5IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNjA0MTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxNjk4NgogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xdcef201938bdf00c0000000000000000","13":"0x944de669759348fb0000000000000000","14":"0x78c55fa5da1cfd1f0000000000000000","15":"0xba30a4998eff6d8d0000000000000000"},"debug_key":"10208966830509082168","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"1999749537597252298"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jf2y0amzcvu0 Show response
hal9000.redintelligence.net/zone/ Frame 24DF 12 KB
4 KB 46ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1701278466384731&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEZWAnNnZdu9F96hjuwPiIG68AOm5b2gab2YnKfJD_AuEAEgh9vqC2CV8ouCmAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0OOZgezscI_hpGUahTrqMbqbrcMfc3p7YM62cQ8P5E4NEQ9bE6bRT3IkXNLg__oC1fMsLrh6bwkS_0-GgROy4v9xrg9ISgx0kk_rtOyCyl3FThaMO9JvPvXHlSMCRCexCSRrK4k9R6GpsgHslxm0e549d4_Dli1nJOL-4IJRSD1yPnJ0q5I8eitW96mLFFHt3UtUR8kMqcYL3BEDHiognty0UtOdZSBPsgTnnzxe_2IMsBQS048FjOO3PoFiMPq6k0d02xhItq9eoF0SsTIRNhE45iE8hK2EDt6HHgwv-SHiUH5yDzEjLdUFyjs6QrjI--Alz8lMQqW24fMIgYp3-E7i4m4Mx8YetTJDLW8pRwTY5c7E_3vu-s6netClQ1QA9Tfb0z2_wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI-HmpXc6YIDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRF4g0TCN_9mpXc6YIDFd6QgwcdiIAOPrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNf9hJraJQNyvMzWAbM4E9GrNjAEMHzI5jTaHKLWA23IXjuBuOZjjuHwbRELNHblf-PfkN1L8D5HnVz2RXwTVUUXhxOM_9PO4LxgMYAQ%26sig%3DAOD64_2NJAUNVuDsa69UpFU0QGTdFIt3OQ%26client%3Dca-pub-2421836933502242%26dbm_c%3DAKAmf-D8_YMbRYksVf-TnKC44LDEJYo9W22IXRQBcz5c95LAe2MqDwALL6JQGLRC7GutBJekaUDCeQxukCly3VPx2LKblPVPYH_9GjBEeX4N27mrA6L3dExG_7Pu26nR8cnBWjjvFUMjxpHbQvgaSvBykjWQUucJWB2Jmdx3ijQj2hUj5w3OZUs%26cry%3D1%26dbm_d%3DAKAmf-D0vS_javxXf05v29tONtvXieWhaslUamS0L6IeTdQMaXr_mvhPPHIwKq-l3nXa5uf_0Z1svyEygONo235jlWPpuaDQn5P3EdpRAwMoKVIU7GiTdjZJ71XA177PKk_AC4_mhCbYScqKRxpML17_DZeYWWaJtaba_7jfRf6zqH_-36yMJCBwFCyTMOka_U2Z4PCgwlLVC9F83cUYhZuXx6xwjdjDG_1n96O_3GTWEAIKHYmg9srOyxqTN-xnJLVNJL_DCUP_Xi5-m3fKt0mqklIXLUueWHSHJEI9Jw51tbgLszVJ_seMvPQREqALas9RZ9xOHS8YZX7F_Et3EvvQEHukZdZGQyFG64iesXOrsuabaH1UISKr5hqwkd4-PioQOxSZbTx30hGvQg1qaGIFYNhXN1teJOI3xrUkaO5Tgvgy2rtD876Cbxd6f8lZN097e9wc3ElQHIgLc9JpfZLDjKt_fzIReO6ks66SEgCbC7cS6LpaSGsNcbnNSF5sNg1s1xCm0PnlP-AhRpKveRM43h4RwjU9GUewS2jixDj-oU61MNkWiPY%26adurl%3D
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ad0009e2696733505c26c03ccc176485c9b1869e8b8858eb2871237140562971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:21:07 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4258
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
BLOB 200
OK 09289235-3425-4fa7-9b2a-46bdb1439290
https://uintacountyherald.com/ 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://uintacountyherald.com/09289235-3425-4fa7-9b2a-46bdb1439290
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

HEAD
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame 77CC 0
564 B 25ms
14ms XHR
text/html 2600:9000:26db:2800:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?v=d54c666&pid=1000177
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?v=d54c666&pid=1000177
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:2800:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.ad-score.com/x.html?v=d54c666&pid=1000177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 15:14:09 GMT
Content-Encoding: gzip
Via: 1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
Last-Modified: Wed, 29 Nov 2023 14:28:08 GMT
X-Amz-Cf-Pop: MUC50-P3
Age: 7618
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: 6ZseIw7S4GDPuvPgN3bheOS2frVvakVB1dqiSgJVa1tTvL7KIShiLw==

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4D23 38 KB
13 KB 14ms
13ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 309747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900024.redintelligence.net/ Frame 24DF
Redirect Chain

https://hal900024.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=2b100a9aa3&subid=&uid=2d40f33adb961950&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900024.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=2b100a9aa3&subid=&uid=2d40f33adb961950&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

125ms
103ms

Script
application/x-javascript

138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=2b100a9aa3&subid=&uid=2d40f33adb961950&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEZWAnNnZdu9F96hjuwPiIG68AOm5b2gab2YnKfJD_AuEAEgh9vqC2CV8ouCmAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0OOZgezscI_hpGUahTrqMbqbrcMfc3p7YM62cQ8P5E4NEQ9bE6bRT3IkXNLg__oC1fMsLrh6bwkS_0-GgROy4v9xrg9ISgx0kk_rtOyCyl3FThaMO9JvPvXHlSMCRCexCSRrK4k9R6GpsgHslxm0e549d4_Dli1nJOL-4IJRSD1yPnJ0q5I8eitW96mLFFHt3UtUR8kMqcYL3BEDHiognty0UtOdZSBPsgTnnzxe_2IMsBQS048FjOO3PoFiMPq6k0d02xhItq9eoF0SsTIRNhE45iE8hK2EDt6HHgwv-SHiUH5yDzEjLdUFyjs6QrjI--Alz8lMQqW24fMIgYp3-E7i4m4Mx8YetTJDLW8pRwTY5c7E_3vu-s6netClQ1QA9Tfb0z2_wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI-HmpXc6YIDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRF4g0TCN_9mpXc6YIDFd6QgwcdiIAOPrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNf9hJraJQNyvMzWAbM4E9GrNjAEMHzI5jTaHKLWA23IXjuBuOZjjuHwbRELNHblf-PfkN1L8D5HnVz2RXwTVUUXhxOM_9PO4LxgMYAQ%26sig%3DAOD64_2NJAUNVuDsa69UpFU0QGTdFIt3OQ%26client%3Dca-pub-2421836933502242%26dbm_c%3DAKAmf-D8_YMbRYksVf-TnKC44LDEJYo9W22IXRQBcz5c95LAe2MqDwALL6JQGLRC7GutBJekaUDCeQxukCly3VPx2LKblPVPYH_9GjBEeX4N27mrA6L3dExG_7Pu26nR8cnBWjjvFUMjxpHbQvgaSvBykjWQUucJWB2Jmdx3ijQj2hUj5w3OZUs%26cry%3D1%26dbm_d%3DAKAmf-D0vS_javxXf05v29tONtvXieWhaslUamS0L6IeTdQMaXr_mvhPPHIwKq-l3nXa5uf_0Z1svyEygONo235jlWPpuaDQn5P3EdpRAwMoKVIU7GiTdjZJ71XA177PKk_AC4_mhCbYScqKRxpML17_DZeYWWaJtaba_7jfRf6zqH_-36yMJCBwFCyTMOka_U2Z4PCgwlLVC9F83cUYhZuXx6xwjdjDG_1n96O_3GTWEAIKHYmg9srOyxqTN-xnJLVNJL_DCUP_Xi5-m3fKt0mqklIXLUueWHSHJEI9Jw51tbgLszVJ_seMvPQREqALas9RZ9xOHS8YZX7F_Et3EvvQEHukZdZGQyFG64iesXOrsuabaH1UISKr5hqwkd4-PioQOxSZbTx30hGvQg1qaGIFYNhXN1teJOI3xrUkaO5Tgvgy2rtD876Cbxd6f8lZN097e9wc3ElQHIgLc9JpfZLDjKt_fzIReO6ks66SEgCbC7cS6LpaSGsNcbnNSF5sNg1s1xCm0PnlP-AhRpKveRM43h4RwjU9GUewS2jixDj-oU61MNkWiPY%26adurl%3D&documentReferer=https%3A%2F%2Fuintacountyherald.com%2F&ancestorOrigins=https%3A%2F%2Fuintacountyherald.com&random=2536230231512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f7146ec48f5f79a5b5a9788163ed38dada4ce3e102c07118dd94dab86dc0fb46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 17:21:07 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 95830400148260204444978012523024
Connection: close
Content-Length: 1352
Expires: Wed, 29 Nov 2023 17:21:07 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 17:21:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=2b100a9aa3&subid=&uid=2d40f33adb961950&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEZWAnNnZdu9F96hjuwPiIG68AOm5b2gab2YnKfJD_AuEAEgh9vqC2CV8ouCmAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0OOZgezscI_hpGUahTrqMbqbrcMfc3p7YM62cQ8P5E4NEQ9bE6bRT3IkXNLg__oC1fMsLrh6bwkS_0-GgROy4v9xrg9ISgx0kk_rtOyCyl3FThaMO9JvPvXHlSMCRCexCSRrK4k9R6GpsgHslxm0e549d4_Dli1nJOL-4IJRSD1yPnJ0q5I8eitW96mLFFHt3UtUR8kMqcYL3BEDHiognty0UtOdZSBPsgTnnzxe_2IMsBQS048FjOO3PoFiMPq6k0d02xhItq9eoF0SsTIRNhE45iE8hK2EDt6HHgwv-SHiUH5yDzEjLdUFyjs6QrjI--Alz8lMQqW24fMIgYp3-E7i4m4Mx8YetTJDLW8pRwTY5c7E_3vu-s6netClQ1QA9Tfb0z2_wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI-HmpXc6YIDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRF4g0TCN_9mpXc6YIDFd6QgwcdiIAOPrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNf9hJraJQNyvMzWAbM4E9GrNjAEMHzI5jTaHKLWA23IXjuBuOZjjuHwbRELNHblf-PfkN1L8D5HnVz2RXwTVUUXhxOM_9PO4LxgMYAQ%26sig%3DAOD64_2NJAUNVuDsa69UpFU0QGTdFIt3OQ%26client%3Dca-pub-2421836933502242%26dbm_c%3DAKAmf-D8_YMbRYksVf-TnKC44LDEJYo9W22IXRQBcz5c95LAe2MqDwALL6JQGLRC7GutBJekaUDCeQxukCly3VPx2LKblPVPYH_9GjBEeX4N27mrA6L3dExG_7Pu26nR8cnBWjjvFUMjxpHbQvgaSvBykjWQUucJWB2Jmdx3ijQj2hUj5w3OZUs%26cry%3D1%26dbm_d%3DAKAmf-D0vS_javxXf05v29tONtvXieWhaslUamS0L6IeTdQMaXr_mvhPPHIwKq-l3nXa5uf_0Z1svyEygONo235jlWPpuaDQn5P3EdpRAwMoKVIU7GiTdjZJ71XA177PKk_AC4_mhCbYScqKRxpML17_DZeYWWaJtaba_7jfRf6zqH_-36yMJCBwFCyTMOka_U2Z4PCgwlLVC9F83cUYhZuXx6xwjdjDG_1n96O_3GTWEAIKHYmg9srOyxqTN-xnJLVNJL_DCUP_Xi5-m3fKt0mqklIXLUueWHSHJEI9Jw51tbgLszVJ_seMvPQREqALas9RZ9xOHS8YZX7F_Et3EvvQEHukZdZGQyFG64iesXOrsuabaH1UISKr5hqwkd4-PioQOxSZbTx30hGvQg1qaGIFYNhXN1teJOI3xrUkaO5Tgvgy2rtD876Cbxd6f8lZN097e9wc3ElQHIgLc9JpfZLDjKt_fzIReO6ks66SEgCbC7cS6LpaSGsNcbnNSF5sNg1s1xCm0PnlP-AhRpKveRM43h4RwjU9GUewS2jixDj-oU61MNkWiPY%26adurl%3D&documentReferer=https%3A%2F%2Fuintacountyherald.com%2F&ancestorOrigins=https%3A%2F%2Fuintacountyherald.com&random=2536230231512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 29 Nov 2023 17:21:07 +0100

GET
DATA 200
OK truncated
/ Frame 3E20 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b11ad05fc3967e29cb58c43ef9713a8cc382607f3782c40499c44e80ee6e4d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 3E20 0
698 B 15ms
14ms Ping
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fuintacountyherald.com&e=wqT_3QKrB-irAwAAAwDWAAUBCILmnasGEN6l8fiiyK_ZahgAKjYJ9aY_nUbulT8RsDg6pO9YlT8ZAAAAIIXr9T8hsA0SACkRJNAxAAAAANejwD8wl-PiAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR49_MFgAEBigEDVVNEkgUG8FWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBFzEtdWludGFjb3VudHloZXJhbGQuY29t2ALwBuACoqgx6gIdaHR0cHM6Ly91aW50YT4pAFiAAwCIAwGQAwCYAwmgAwGqA5oDCrACaA0zHHd3dy5iaW5nAVPweS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1jYTRmNjU2ZC04Mjk5LTQ4YjctOGIwNS1hOTJiYjU1Y2M0M2MmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AY45xALhydHlwZT1udXJsJnRhZ0lkPTc5MDk3ODMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ8O1wYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzY4ODQxNjcwNTM0MjM2MjMzNCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekk0TkRJNU56Z3hOVGczT1RNak1qTXlORFkwTWpRMU9UUTNOak14Tnc9PcAD2ATIAwDYA7_OROADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBbWHs8Pzo_DrYcAFAMkFAAAAAAAA8D_SBQkJQboBAXDYBQHgBQHwBb3zKfoFBAgAEACQBgCYBgC4BgDBBgEhATEk0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAf38wXSBw0JESgBJgjaBwYBXrAYAOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=b1b0f92bc214eefa7c5a29624df3a87a27a2737f&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=300&bh=157&sid=1288949741374884853&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7909783&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
an-x-request-uuid: 9ba49f9d-7602-40aa-a38f-0a200458792e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.136; 178.162.209.136; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3E20 0
0 62ms
61ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cr42nAnNnZdq9F96hjuwPiIG68APS4Nfgbo-ktpOTCsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yNDIxODM2OTMzNTAyMjQyyAEJ4AIAqAMByAMCqgSfAk_QYDf3aByP2I_vFR67UxxNWD8t4a5fZN-hx6JWO1AVHcICxQODtNSr-xpS6bHwWBqYh_wUVGxNV7yZnGHIjyVcm3O5rfCgO8eifv-eTXPPVRCA-OqezU43XZ2uHK-AWsEjUVy0b_P9WkiVEmB7xZeDEC-gDjx8nN9quGis0TKwSVFW-DzUhslwDLtJ-85gFcppyiYwQnPdttU_Yh5EJQYB_ZoQ4OM8hNNnVOUeLV3q3JWc13J47GqZi4S-wuhUKsYBW4Js8ra9aNLuTxsAaJmh9tUVgpA2NrKUpH37VqPVzQQQYQyEmfHHgbXYhjrJ_FOqHxJT1TMKw6nCdv8gsuabxaM4t7sw05-DvbteR8RGxH2yf3ub7xdM2CHe1gJd4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WI-HmpXc6YIDgAoB-gsCCAGADAHiDRMI3v2aldzpggMV3pCDBx2IgA4-0BUBgBcBshccChoSFHB1Yi0yNDIxODM2OTMzNTAyMjQyGMu9Kg&sigh=HZ394WscZOc&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNf9hJraJQNyvMzWAbM4E9GrNjAEMHzI5jTaHKLWA23IXjuBuOZjjuHwbRELNHblf-PfkN1L8D5HnVz2RXwTVUUXhxOM_9PO4LxgMYAQ&cbvp=2&vis=1
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 3E20 0
648 B 14ms
14ms Image
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fuintacountyherald.com&e=wqT_3QKrB-irAwAAAwDWAAUBCILmnasGEN6l8fiiyK_ZahgAKjYJ9aY_nUbulT8RsDg6pO9YlT8ZAAAAIIXr9T8hsA0SACkRJNAxAAAAANejwD8wl-PiAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR49_MFgAEBigEDVVNEkgUG8FWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBFzEtdWludGFjb3VudHloZXJhbGQuY29t2ALwBuACoqgx6gIdaHR0cHM6Ly91aW50YT4pAFiAAwCIAwGQAwCYAwmgAwGqA5oDCrACaA0zHHd3dy5iaW5nAVPweS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1jYTRmNjU2ZC04Mjk5LTQ4YjctOGIwNS1hOTJiYjU1Y2M0M2MmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AY45xALhydHlwZT1udXJsJnRhZ0lkPTc5MDk3ODMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ8O1wYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzY4ODQxNjcwNTM0MjM2MjMzNCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekk0TkRJNU56Z3hOVGczT1RNak1qTXlORFkwTWpRMU9UUTNOak14Tnc9PcAD2ATIAwDYA7_OROADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBbWHs8Pzo_DrYcAFAMkFAAAAAAAA8D_SBQkJQboBAXDYBQHgBQHwBb3zKfoFBAgAEACQBgCYBgC4BgDBBgEhATEk0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAf38wXSBw0JESgBJgjaBwYBXrAYAOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=b1b0f92bc214eefa7c5a29624df3a87a27a2737f&pp=ZWdzAgAF3toHg5DeAA6AiJ_lSPN54V_iuHzsZg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOfGiAnNnZdq9F96hjuwPiIG68APS4Nfgbo-ktpOTCsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yNDIxODM2OTMzNTAyMjQyyAEJ4AIAqAMByAMCqgSiAk_QYDf3aByP2I_vFR67UxxNWD8t4a5fZN-hx6JWO1AVHcICxQODtNSr-xpS6bHwWBqYh_wUVGxNV7yZnGHIjyVcm3O5rfCgO8eifv-eTXPPVRCA-OqezU43XZ2uHK-AWsEjUVy0b_P9WkiVEmB7xZeDEC-gDjx8nN9quGis0TKwSVFW-DzUhslwDLtJ-85gFcppyiYwQnPdttU_Yh5EJQYB_ZoQ4OM8hNNnVOUeLV3q3JWc13J47GqZi4S-wuhUKsYBW4Js8ra9aNLuTxsAaJmh9tUVgpA2NrKUpH37VqPVzQQQYQyEmfHHgbXYhjrJ_FOqHxJT1TMKw-vAV23iFhz2UVlMAiVpVymHnrHaTupeHd80Jv8nbz1gwOFfNG_Je8Wz4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WI-HmpXc6YID-gsCCAGADAHiDRMI3v2aldzpggMV3pCDBx2IgA4-0BUBgBcB%26num%3D1%26sig%3DAOD64_1sOP19_XsjO-JdXhR5ygMFvw-ebw%26client%3Dca-pub-2421836933502242%26adurl%3D&cbvp=2

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
an-x-request-uuid: 2b126bcf-c2f4-4f6c-9cc0-ffc9865fbaff
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.136; 178.162.209.136; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D23 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 15:18:01 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
532 B 84ms
28ms XHR
application/json 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e8794756b493b60c2a9881aad87e666cc00f24398ff0d075d31ad2a771b876bc

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Nov 2023 17:21:07 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://uintacountyherald.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2 200 arj Show response
justapinch-com-d.openx.net/w/1.0/ 174 B
596 B 136ms
50ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fuintacountyherald.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1b8d92c8-5d4c-46c0-b5f4-c3ec8d464ad3%2C47f45eab-94a0-4c00-9c69-c82df1e97485&nocache=1701278467519&gdpr_consent=&gdpr=0&schain=1.0%2C1!americanhometownmedia.com%2C00029%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=ahm_widg_id_12%2Cahm_widg_id_13&aucs=%2C&auid=544092684%2C544092684
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 962bbcc401128785f742b72e8242b131004d431bac63ba3adf2cb2e998202dc0

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://uintacountyherald.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 113 B
915 B 701ms
94ms XHR
application/json 69.166.1.64
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228cceb7c603404%22%3A%22756efff2836db95a6c52%7C300x250%7Cgpid%3D%2F281191609%2C129995211%2Ftrx_newsmediacorp%2Fuintacountyherald.com%2Cc%3Dd%2C%22%2C%2296dcb175d1e2c5%22%3A%22756efff2836db95a6c52%7C300x250%7Cgpid%3D%2F281191609%2C129995211%2Ftrx_newsmediacorp%2Fuintacountyherald.com%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fuintacountyherald.com%2F&s=5a5b3d29-c50e-47f4-84a6-31eb4b05086a&pv=05fc41e7-8210-456e-9cae-a9819218777e&vp=desktop&lib_name=prebid&lib_v=7.13.0-pre&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fuintacountyherald.com%2F%22%2C%22domain%22%3A%22uintacountyherald.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22uintacountyherald.com%22%7D%2C%22keywords%22%3A%22BreakingNewsfromyourLocalNewsSourceLeaderinEvanston%2CWyoming%7CUintaCountyHerald%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=1&gdpr=false&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200029%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

90e8f883ccce42b125beabcd398d15313d6b72ca5d069adfb11776f1f057f13d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:08 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-203
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 138
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 51ms
36ms Preflight 54.76.85.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.85.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-85-248.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://uintacountyherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://uintacountyherald.com
content-length: 0
date: Wed, 29 Nov 2023 17:21:07 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 4
x-rc-region: eu-west-1c

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 51ms
36ms Preflight 54.76.85.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.85.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-85-248.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://uintacountyherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://uintacountyherald.com
content-length: 0
date: Wed, 29 Nov 2023 17:21:07 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 5
x-rc-region: eu-west-1c

POST
H2 204 page-view
yeet.revcontent.com/yeet/events/ 0
0 34ms
34ms Fetch 54.76.85.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.85.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-85-248.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://uintacountyherald.com
date: Wed, 29 Nov 2023 17:21:07 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 34ms
34ms Fetch 54.76.85.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.85.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-85-248.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://uintacountyherald.com
date: Wed, 29 Nov 2023 17:21:07 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin

GET
H2 200 _jvg1ELEJFAfiKmZFmw3TCOLYIf2XDjt3jNh0iiXyTlXPwxrjFzosyejklsgXbCq_tee3tk5OqW3fFfNWM4SYR1HAM_VkG2E97L8MQ46tBGvazX767y4Bg=w600-h400-p-rj-l68-e365
lh3.googleusercontent.com/ 57 KB
57 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_jvg1ELEJFAfiKmZFmw3TCOLYIf2XDjt3jNh0iiXyTlXPwxrjFzosyejklsgXbCq_tee3tk5OqW3fFfNWM4SYR1HAM_VkG2E97L8MQ46tBGvazX767y4Bg=w600-h400-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

67a0efe7750de1fd405c1e45e4d372df8edae60331f8f91a348ffb615811fa59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:20:56 GMT
x-content-type-options: nosniff
age: 3611
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58721
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Tue, 27 Feb 2024 16:20:56 GMT

GET
H2 200 CoD3Aaz0Fxl9ZeW8r_txbeQAFJV2-yrEcUEJ9tkci9cYXlgWPKPzdUxvyYJihfKipI5pxBwMW8KLAiHhR_hLijgaLAvHrQ2eMjXKcIjZ=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 927 B
990 B 30ms
30ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/CoD3Aaz0Fxl9ZeW8r_txbeQAFJV2-yrEcUEJ9tkci9cYXlgWPKPzdUxvyYJihfKipI5pxBwMW8KLAiHhR_hLijgaLAvHrQ2eMjXKcIjZ=s42-p-rj-l68-e365

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5db6ba4765f1c66bd5f451cdfad18c7d12a5fb2615b9d561a20b63b39e098cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:20:56 GMT
x-content-type-options: nosniff
age: 3611
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
timing-allow-origin: *
expires: Tue, 27 Feb 2024 16:20:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D23 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvVDWA3NnZcWJCp2sjuwPrai16AkAAAAAOAHgBAI&bg=!19Sl1JvNAAZxrfrxUa07ADQBe5WfOLjjhf7h9TgNdZafk2MI2AuiPsINxOFRlEUq4V3V2R9nkdYGK0v6J5C5FhN1yGfDAgAAADxSAAAAAWgBB5kC_3zamS-7a_ubhDwZObxgLp_8SFW7Dyt83KnXEpUkRfJi9wa20o8NzjDJdy35daIphqtZ3qCn34IG_eV7D9ynUop0z7WxGi-2RNRwptoucLYXQ5zPm3uFyDmzXQxZSsQGqcTzVwS549RpjrAEzEFFpc8VE7UAxEtmuDm3GlylDC2cT_YtJzc4u6W79lKMNUfF4oKJvlSuINa-HdId3dncpMaVMeRguorTQjPRXGGXz1u15x5rxHLNXmc_N4lyfE14A0ZBdNFnXdEc4oeXIvuIfx0BaR1c37FATq5ATdw-iCOx1vo2r8aZYLprHElr979jG5cuTTj41sex4DKeBOHih1pNeOV2xwkuuu0urUTR9MmSaA1Iwx0mbLjssEUrlX9EaE1n4sbAV-rNKqH8nQM7v6BoeySFNaqjYvSRfO15HEQLswYKIVeOrRZHc-8yuLt0ox45XZgqWi43hVvO_QkZw6hfv_fWnf35DkzWgJfjDbBU52cdfP8L0ceszTxWbDkfp5Vy9p1m2OS09fuJdLCl_lbgJMWrdZVWuDRTS7YdIQ1KyYfGMveAnImKBdbRaBuZQxdv5MsEgtutXnoAHDl2GgLbyocXIuygDjebkqsDOadUrVeUtVbEadTZU1SdQnotVOSrBLT9SXeA1tUAEecgrHGUBcw9nwfBV3-mwR0KpeeqlGecAz8h_b8NEDw6NZk_RWg1Q-1UkKUOD84rZC3oH0ULMFqP0yO84p_68jbKrBnQPL-co1D_2PTyrsqVJCBW2-QJp855uXY9G3um5tFz9i_7Guv-eErAucf4Tevltxe2mzvnTBrAAKgiJkPNXYSs7E9kuPEsXFkznylKt4xF7Nxd8dI0Rx1YWR_tQ9vMc4HSfJYHqfQulqR9jnE1Ac-W-Ea_6W3Mx4nJa9x8BFDmmnmHnapjkef3oJcavuyHBZuvbdBXpnAjEZuUaIZf5t3hG-NQ-541n_LWiei3S4yRoIq1Z2RSe0zk7iNs8l97zyda6-keqwl7rff8SGzlp0hI

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 103ms
103ms Ping
image/gif 44.193.179.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=YN0wpIaGPS26lSSU&instance=214903750&version=7.27.3&age=231129&ldt=BIDS&key=Be6nXXXs&c_id=12385&seq=1&order=5&vIndex=0&absoluteTime=2992.1&relativeTime=1161.9&sm_id=3205108&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNMNIY&ac_id=2008&bidIndex=1&prebid.cid=0&prebid.bidders.rubicon.time=216.9&prebid.bidders.unruly.time=513.3&prebid.bidders.triplelift.time=54.4&prebid.bidders.pubmatic.time=191.3&prebid.bidders.undertone.time=212.3&prebid.bidders.ix.time=188.1&prebid.bidders.appnexus.time=168.1&prebid.start=2475.5&prebid.time=516.1&prebid.timeout=3000&adIndex=-1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-179-92.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E33A 156 B
143 B 250ms
199ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fuintacountyherald-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214903750-YN0wpIaGPS26lSSU%26schain%3Dstnvideo.com%2COs1rviljg-Vo7CkRLAuBsw%26content%3D8783%26placementType%3DPremium%26embed%3DBe6nXXXs%26domain%3Duintacountyherald.com%26player_size%3Dmedium%26player_width%3D400%26player_height%3D227%26player_type%3Dbarker%26smartmatch%3Dno%26version%3D7.27.3%26player_status%3DLVFNMNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D3%26uhr%3D18%26iris_id%3Diris_887d2ac77c34474a%26iris_context%3Dic_2782847%2Cic_5073780%2Cic_6902683%2Cic_7993673%2Cic_4852208%2Cic_9564594%2Cic_6367414%2Cic_3849004%2Cic_4619843%2Cic_2115263%26us_privacy%3Dfalse%26keywchk%3Dok&url=https%3A%2F%2Fuintacountyherald.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fuintacountyherald.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.28%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=250000&vrid=1263268&us_privacy=false&hl=en&cmsid=2631244&plcmt=2&vconp=2&video_doc_id=3205108&vpa=auto&vpmute=1&cnc=12230023&kfa=0&tfcd=0&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&psd=%5Bobject%20Object%5D&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=701525258&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=076D6638-C56A-475A-843A-103F83115534&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804614%2C44807948&top=https%3A%2F%2Fuintacountyherald.com%2F&loc=https%3A%2F%2Fuintacountyherald.com%2F&dlt=1701278465493&idt=1471&dt=1701278467616&cookie=ID%3D82d0607d8e9b2da6%3AT%3D1701278466%3ART%3D1701278466%3AS%3DALNI_Mb2BLmLIV7mtbUTn6oSSe-bewF3hQ&gpic=UID%3D00000cfd2ababe2d%3AT%3D1701278466%3ART%3D1701278466%3AS%3DALNI_MZgf8Sh_3vgHTDVho1m1ctoERkIPw&correlator=1751668217172618&scor=2656146589886284&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 307E
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=95830400148260204444978012523024&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95830400148260204444978012523024&actionid=879111&produktid=ratenkredit&dt_url=

0
181 B

22ms
22ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95830400148260204444978012523024&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=2b100a9aa3&subid=&uid=2d40f33adb961950&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEZWAnNnZdu9F96hjuwPiIG68AOm5b2gab2YnKfJD_AuEAEgh9vqC2CV8ouCmAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0OOZgezscI_hpGUahTrqMbqbrcMfc3p7YM62cQ8P5E4NEQ9bE6bRT3IkXNLg__oC1fMsLrh6bwkS_0-GgROy4v9xrg9ISgx0kk_rtOyCyl3FThaMO9JvPvXHlSMCRCexCSRrK4k9R6GpsgHslxm0e549d4_Dli1nJOL-4IJRSD1yPnJ0q5I8eitW96mLFFHt3UtUR8kMqcYL3BEDHiognty0UtOdZSBPsgTnnzxe_2IMsBQS048FjOO3PoFiMPq6k0d02xhItq9eoF0SsTIRNhE45iE8hK2EDt6HHgwv-SHiUH5yDzEjLdUFyjs6QrjI--Alz8lMQqW24fMIgYp3-E7i4m4Mx8YetTJDLW8pRwTY5c7E_3vu-s6netClQ1QA9Tfb0z2_wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI-HmpXc6YIDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRF4g0TCN_9mpXc6YIDFd6QgwcdiIAOPrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNf9hJraJQNyvMzWAbM4E9GrNjAEMHzI5jTaHKLWA23IXjuBuOZjjuHwbRELNHblf-PfkN1L8D5HnVz2RXwTVUUXhxOM_9PO4LxgMYAQ%26sig%3DAOD64_2NJAUNVuDsa69UpFU0QGTdFIt3OQ%26client%3Dca-pub-2421836933502242%26dbm_c%3DAKAmf-D8_YMbRYksVf-TnKC44LDEJYo9W22IXRQBcz5c95LAe2MqDwALL6JQGLRC7GutBJekaUDCeQxukCly3VPx2LKblPVPYH_9GjBEeX4N27mrA6L3dExG_7Pu26nR8cnBWjjvFUMjxpHbQvgaSvBykjWQUucJWB2Jmdx3ijQj2hUj5w3OZUs%26cry%3D1%26dbm_d%3DAKAmf-D0vS_javxXf05v29tONtvXieWhaslUamS0L6IeTdQMaXr_mvhPPHIwKq-l3nXa5uf_0Z1svyEygONo235jlWPpuaDQn5P3EdpRAwMoKVIU7GiTdjZJ71XA177PKk_AC4_mhCbYScqKRxpML17_DZeYWWaJtaba_7jfRf6zqH_-36yMJCBwFCyTMOka_U2Z4PCgwlLVC9F83cUYhZuXx6xwjdjDG_1n96O_3GTWEAIKHYmg9srOyxqTN-xnJLVNJL_DCUP_Xi5-m3fKt0mqklIXLUueWHSHJEI9Jw51tbgLszVJ_seMvPQREqALas9RZ9xOHS8YZX7F_Et3EvvQEHukZdZGQyFG64iesXOrsuabaH1UISKr5hqwkd4-PioQOxSZbTx30hGvQg1qaGIFYNhXN1teJOI3xrUkaO5Tgvgy2rtD876Cbxd6f8lZN097e9wc3ElQHIgLc9JpfZLDjKt_fzIReO6ks66SEgCbC7cS6LpaSGsNcbnNSF5sNg1s1xCm0PnlP-AhRpKveRM43h4RwjU9GUewS2jixDj-oU61MNkWiPY%26adurl%3D&documentReferer=https%3A%2F%2Fuintacountyherald.com%2F&ancestorOrigins=https%3A%2F%2Fuintacountyherald.com&random=2536230231512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 29 Nov 2023 17:21:10 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 29 Nov 2023 06:21:10 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Wed, 29 Nov 2023 17:21:08 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95830400148260204444978012523024&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 53349
x-iplb-request-id: B2A2D188:DE98_91EFC182:01BB_65677303_5C32B5:55DF

GET
H2 200 / Show response
adv.office-partner.de/ Frame 7493 930 B
923 B 36ms
6ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=2b100a9aa3&subid=&uid=2d40f33adb961950&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEZWAnNnZdu9F96hjuwPiIG68AOm5b2gab2YnKfJD_AuEAEgh9vqC2CV8ouCmAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0OOZgezscI_hpGUahTrqMbqbrcMfc3p7YM62cQ8P5E4NEQ9bE6bRT3IkXNLg__oC1fMsLrh6bwkS_0-GgROy4v9xrg9ISgx0kk_rtOyCyl3FThaMO9JvPvXHlSMCRCexCSRrK4k9R6GpsgHslxm0e549d4_Dli1nJOL-4IJRSD1yPnJ0q5I8eitW96mLFFHt3UtUR8kMqcYL3BEDHiognty0UtOdZSBPsgTnnzxe_2IMsBQS048FjOO3PoFiMPq6k0d02xhItq9eoF0SsTIRNhE45iE8hK2EDt6HHgwv-SHiUH5yDzEjLdUFyjs6QrjI--Alz8lMQqW24fMIgYp3-E7i4m4Mx8YetTJDLW8pRwTY5c7E_3vu-s6netClQ1QA9Tfb0z2_wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WI-HmpXc6YIDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRF4g0TCN_9mpXc6YIDFd6QgwcdiIAOPrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNf9hJraJQNyvMzWAbM4E9GrNjAEMHzI5jTaHKLWA23IXjuBuOZjjuHwbRELNHblf-PfkN1L8D5HnVz2RXwTVUUXhxOM_9PO4LxgMYAQ%26sig%3DAOD64_2NJAUNVuDsa69UpFU0QGTdFIt3OQ%26client%3Dca-pub-2421836933502242%26dbm_c%3DAKAmf-D8_YMbRYksVf-TnKC44LDEJYo9W22IXRQBcz5c95LAe2MqDwALL6JQGLRC7GutBJekaUDCeQxukCly3VPx2LKblPVPYH_9GjBEeX4N27mrA6L3dExG_7Pu26nR8cnBWjjvFUMjxpHbQvgaSvBykjWQUucJWB2Jmdx3ijQj2hUj5w3OZUs%26cry%3D1%26dbm_d%3DAKAmf-D0vS_javxXf05v29tONtvXieWhaslUamS0L6IeTdQMaXr_mvhPPHIwKq-l3nXa5uf_0Z1svyEygONo235jlWPpuaDQn5P3EdpRAwMoKVIU7GiTdjZJ71XA177PKk_AC4_mhCbYScqKRxpML17_DZeYWWaJtaba_7jfRf6zqH_-36yMJCBwFCyTMOka_U2Z4PCgwlLVC9F83cUYhZuXx6xwjdjDG_1n96O_3GTWEAIKHYmg9srOyxqTN-xnJLVNJL_DCUP_Xi5-m3fKt0mqklIXLUueWHSHJEI9Jw51tbgLszVJ_seMvPQREqALas9RZ9xOHS8YZX7F_Et3EvvQEHukZdZGQyFG64iesXOrsuabaH1UISKr5hqwkd4-PioQOxSZbTx30hGvQg1qaGIFYNhXN1teJOI3xrUkaO5Tgvgy2rtD876Cbxd6f8lZN097e9wc3ElQHIgLc9JpfZLDjKt_fzIReO6ks66SEgCbC7cS6LpaSGsNcbnNSF5sNg1s1xCm0PnlP-AhRpKveRM43h4RwjU9GUewS2jixDj-oU61MNkWiPY%26adurl%3D&documentReferer=https%3A%2F%2Fuintacountyherald.com%2F&ancestorOrigins=https%3A%2F%2Fuintacountyherald.com&random=2536230231512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 29 Nov 2023 17:21:07 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 06 Dec 2023 17:21:07 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 24DF
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=95830400148260204444978012523024&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95830400148260204444978012523024&actionid=879111&produktid=ratenkredit&dt_url=

0
629 B

142ms
103ms

Script
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95830400148260204444978012523024&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:08 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 29 Nov 2023 06:21:08 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 29 Nov 2023 17:21:08 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 53758
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D188:DE9E_91EFC182:01BB_65677303_5C52A3:41F0
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95830400148260204444978012523024&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 24DF 43 B
664 B 777ms
621ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=95830400148260204444978012523024&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:08 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D188:DEAA_91EFC182:01BB_65677303_5C3290:55DF
x-iplb-instance: 53349
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 24DF 43 B
705 B 195ms
88ms Image
image/gif 23.212.218.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=95830400148260204444978012523024&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-218-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 17:21:07 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
277 B 145ms
145ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=MaERqapKFzogwfyvUnuhPOIxeXLlIDws-FE7fPshldVrrKD4c033IF0jB-E03BPc9ga1rmPw==&pm_ct=fc1803a924c32ea6aaefc8ee&pm_pl=1701278467158&pm_td=556&pid=1000177&en=1.1&callback=__pm_glbl_YQmXZVv3gLX4M8dIYkSop0kv._gc2&tt=opt&v=d54c666
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://uintacountyherald.com
Date: Wed, 29 Nov 2023 17:21:07 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 7493 174 KB
62 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3161b8dd446b19dd1284a1a705c4e5fbff69fb5c1bf854113690dd14b1c8c2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63922
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Nov 2023 17:21:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7493 273 KB
91 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ca3497bc008424dd5c502841f5c3c0aee4bf2452b502defbdc94f60da95e975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 17:21:07 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E33A 0
234 B 358ms
111ms Ping
image/gif 2607:f8b0:4002:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpk19ugr&c=7079216356974&slotId=3539608178487&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c05::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 104ms
103ms Ping
image/gif 44.193.179.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=YN0wpIaGPS26lSSU&instance=214903750&version=7.27.3&age=231129&ldt=NO_IMP&key=Be6nXXXs&c_id=12385&seq=1&order=6&vIndex=0&absoluteTime=3259.5&relativeTime=1429.3&sm_id=3205108&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNMNIY&ac_id=2008&adIndex=-1&DS=notfound&prebidABS=G&prebidABC=[[1,%22control_mod_del%22],[1,%22bidder_mod%22,%220_mod%22],[1,%22bidder_del%22,%220_del%22]]
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-179-92.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 p
sb.scorecardresearch.com/ Frame B8BA 43 B
299 B 149ms
22ms Image
image/gif 99.84.88.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1701278466633&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=26527&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3205108&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1701278467875&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1242&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Cheddar%20News&c3=sendtonews&c4=Business&c6=*null&c7=https%3A%2F%2Fuintacountyherald.com%2F&c8=&c9=https%3A%2F%2Fuintacountyherald.com%2F
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-85.muc50.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:08 GMT
via: 1.1 56abe0fedc00b031003c08f0306dae62.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: hSKl67OUrIYZ7T_WXtFdlm-Q_4DeNrQz2vhtcMI1trlF7wC8KFdZsQ==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 103ms
103ms Ping
image/gif 44.193.179.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=YN0wpIaGPS26lSSU&instance=214903750&version=7.27.3&age=231129&cmd=INV&key=Be6nXXXs&c_id=12385&seq=1&order=7&vIndex=0&absoluteTime=3265.1&relativeTime=1434.9&alt=0&sC_ID=8783&sm_id=3205108&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://uintacountyherald.com/&REF=https://uintacountyherald.com/&playerCfg=BR&playerType=BARKER
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-179-92.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 104ms
104ms Ping
image/gif 44.193.179.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=YN0wpIaGPS26lSSU&instance=214903750&version=7.27.3&age=231129&cmd=PLAY&key=Be6nXXXs&c_id=12385&seq=1&order=8&vIndex=0&absoluteTime=3265.4&relativeTime=1435.2&alt=0&sC_ID=8783&sm_id=3205108&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://uintacountyherald.com/&REF=https://uintacountyherald.com/&playerCfg=BR&playerType=BARKER&pposition=float&floattype=s
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.179.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-179-92.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:07 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame E33A 0
45 B 166ms
112ms Ping
image/gif 2607:f8b0:4002:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpk19v6n&c=7079216356974&slotId=3539608178487&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804614%2C44807948
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c05::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 24DF 2 KB
2 KB 129ms
71ms Script
text/html 3.11.123.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=95830400148260204444978012523024&nw=1
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.123.127 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-123-127.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 54a4a1b07c4425b6a01fd2b85dc1eabb5d49ac221329d77ff17e64c74e6cbdd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:08 GMT
last-modified: Wed, 29 Nov 2023 17:21:08 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 29 Nov 2023 17:22:08 GMT

GET
H2

200

activityi;dc_pre=CPiIoZbc6YIDFZFaGQodQlYKtw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6673095701234.604 Show response
5994599.fls.doubleclick.net/ Frame FE98
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6673095701234.604?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPiIoZbc6YIDFZFaGQodQlYKtw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6673095701234.604?

391 B
327 B

58ms
58ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CPiIoZbc6YIDFZFaGQodQlYKtw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6673095701234.604?

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

6834f1f3876aa5073adb8bd925cfbc860807fa618ffd7e833fae210526cae001

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:08 GMT
expires: Wed, 29 Nov 2023 17:21:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPiIoZbc6YIDFZFaGQodQlYKtw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6673095701234.604?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900024.redintelligence.net/ Frame 6A90 7 KB
2 KB 33ms
12ms Document
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request_content.php?s=95830400148260204444978012523024&a=065a31b2
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3c382a102b578769791a39026e84cf0b3a819b34331d27018e301e87ab37bc13

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2030
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Nov 2023 17:21:08 GMT
Expires: Wed, 29 Nov 2023 17:21:08 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 24DF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6c4f56e8a836304ae006c04332d8c384c6ff201c160cb5a9b89336d02392df9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 6A90 5 KB
682 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=95830400148260204444978012523024&a=065a31b2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 17:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 16:28:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 17:21:08 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6A90 88 KB
89 KB 35ms
13ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=95830400148260204444978012523024&a=065a31b2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ac7916d27c5f00a80e03d15cc7ea44956ff5633a0c4fb27862d7721f1a8de9c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:21:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6A90 76 KB
77 KB 36ms
14ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=95830400148260204444978012523024&a=065a31b2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9e942df204042f9b6bf4da48d0790822f58315cc0818297997174c13b8bf8916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:21:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6A90 50 KB
50 KB 37ms
14ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=95830400148260204444978012523024&a=065a31b2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 96b873bb250a784b5cf5b82ebd67a1faa3e95932baaba39c43eb8de33618e3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:21:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 51111
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame 6A90 0
150 B 35ms
12ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=95830400148260204444978012523024&a=edde8e99&vb=m
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=95830400148260204444978012523024&a=065a31b2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/request_content.php?s=95830400148260204444978012523024&a=065a31b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:21:08 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6A90 14 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900024.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:39 GMT
x-content-type-options: nosniff
age: 629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:10:39 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6A90 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900024.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 20:59:44 GMT
x-content-type-options: nosniff
age: 332484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 20:59:44 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 24DF 53 KB
19 KB 71ms
15ms Script
application/javascript 108.138.36.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=95830400148260204444978012523024&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-15.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:26:54 GMT
content-encoding: gzip
via: 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 3255
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: a7XFGtpVTH18C8OFMC20ZnLWBqgMKNwbH-9G6JNGr6RQUp9WCFJ0fQ==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 24DF 3 KB
3 KB 57ms
14ms Image
image/png 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1701278768&Signature=CZJl9pHTY3wR0HjC4pjXpY~5LySZrgOj~ukmf6rDu~nJNpEsPY-~jeh7ruRjCW~7AQxhDbTdNVgrjn6Ta~Zdyxak2I-QCcaziRR1j8Jj8y-udqlECqsfXQlIxZG8R3vr-uQfyMX2L9o8kfG3188Z8Dl-ADvvb1xKHIba0Z9oSFGkJoJESUUspdPVBG8ZZKBdHjiwX0P1HhEeYAiRBXxvw~~dzZYY4qmp0K-6j9XD7TNKd~QUApUZ5QGWmp3INiA80sadCc1Weh9cavYnAIFj4XZZ0rGHwj-N6iz4AFT3Nj-gmN0htueHRCp5vYdTVQL41u-Y1HYaZA9f397DWeNvVQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 29 Nov 2023 07:14:33 GMT
via: 1.1 9f8416bf8a85d328bf3649469ef2a474.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 36396
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: HIA0vrz8_dviN0y1M4Tab7LpzZ7v3GZY6l3OIPPqLNSobpZcONmc7w==

GET
H2 200 dc_pre=CPiIoZbc6YIDFZFaGQodQlYKtw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6673095701234.604
adservice.google.com/ddm/fls/z/ Frame FE98 42 B
401 B 92ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPiIoZbc6YIDFZFaGQodQlYKtw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6673095701234.604

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPiIoZbc6YIDFZFaGQodQlYKtw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6673095701234.604?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 208 KB
75 KB 627ms
627ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3702595777090603&correlator=1112743597680322&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=281191609%3A129995211%2Ctrx_newsmediacorp%2Cuintacountyherald.com&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D82d0607d8e9b2da6%3AT%3D1701278466%3ART%3D1701278466%3AS%3DALNI_Mb2BLmLIV7mtbUTn6oSSe-bewF3hQ&gpic=UID%3D00000cfd2ababe2d%3AT%3D1701278466%3ART%3D1701278466%3AS%3DALNI_MZgf8Sh_3vgHTDVho1m1ctoERkIPw&abxe=1&dt=1701278468812&lmt=1701278468&adxs=1200%2C1200&adys=1778%2C1323&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2%7C3&ucis=7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fuintacountyherald.com%2F&vis=1&psz=300x-1%7C300x-1&msz=300x-1%7C300x-1&fws=0%2C0&ohw=0%2C0&ga_vid=53284522.1701278466&ga_sid=1701278466&ga_hid=1023333206&ga_fc=true&dlt=1701278465493&idt=557&prev_scp=slotName%3Dldgr8%26pubDom%3Duintacountyherald.com%26atab%3Dtrue%26frstlk%3Dtrue%7CslotName%3Dldgr9%26pubDom%3Duintacountyherald.com%26atab%3Dtrue%26frstlk%3Dtrue&adks=1698964757%2C1698964754&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

107d6e9c431b9f2b21dc2686a1a8572dc38dca56c0846d9e68494c497c9c74f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77145
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://uintacountyherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 24DF 16 B
209 B 78ms
78ms Fetch
application/json 35.177.10.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-10-97.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Nov 2023 17:21:09 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 94ms
24ms Preflight 35.177.10.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-10-97.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 29 Nov 2023 17:21:09 GMT
server: nginx

GET
H3 200 container.html Show response
31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 73DD 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:06 GMT
expires: Thu, 28 Nov 2024 17:21:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AF9D 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:06 GMT
expires: Thu, 28 Nov 2024 17:21:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 343B 624 B
242 B 57ms
57ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNWpFG3VDmxJpsbVExARbuRBDVf9z3QtVTFidjIKqpNAdhkJWBr997_dJGTf8x6vhBF3laluikoWeS1X8rfh6gsokF5gar36Lce12lsxOJNkYr646U-JLXqmpPT_yIW9cGSePo2ZMZWSIuzWoxEIKNzzg3uP_04EhBDWztl9wdRFfY9BEck

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 73DD 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 15:58:47 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 73DD 7 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 14:44:44 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 73DD 0
0 59ms
58ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssJ5q9dXY0xffdoVN29WSIH01ZOJVLbZXR696SYZ8Zkdp8y6s-AJ-fA3NKvRRWgQ3e5sBalYy9_fWoRtlEtx5r-oyuocDGmveu6AaVtuLuXIm6PyQMKT-3euz41b-NNWA8N-5u9Fq4JKXzX3pzh7oB2N1Qsre9_LmQEiucv7N7G892wOaDVKRjRN1j-pHSE2tLc6QgGJPPCN8dRUck0GyFhlEZHJDz95HellF8LrHChR-Te1_kpGSL8Bw7hJtHZKCQaDQi79JrrL2EqkwUGqaKJnM54-YguBKRx4gm2YSFuWH-MFS7tsTM-SG5YsCClgZoGEyPiLSTLksI27Oi0kQpY9N8oiAl9Oe_0nBASAjAlr3anQevPQellp20toNNFCoWJWsn-Phv0JvgHMezXzrhigUKfId4Ud5m7UioajtAXJkkB8AmsgnomIMss65uyzBzs2HQOSM67CVetTXsVWLDhJxd2TlRtbzKXjD6zPkl7o90cMYMRt3zU5bbw2s0BL_wTujxJX6mGqaULfcVHse--yO-vq7LEK78QSAatse-a0Z-pigMbhEmXjqZEWm4thrix7WXuZXYowa0RKUH1BYT14WGBqNn1hAQkMz8XNzlwjFMlaRgsj4n7Imw8dfPnKt9VbvLMcSAyt8DF_8IhOKoKxSS36sKTARMKvMKmbxGrQjaoM_EonT59tB_JivoKIGEqMeWH-d54x5jfyP-wWaMt95BQammuqnEkA82bXIyFjWfy5ma8fN3ko2QBZwLn6pcsinIC3sc84Gbnk6-lkdPIo-VkCaOrO4q9Iw37rS9oYw7e4mlB1XvdVb-UkF1U4a_051eSKkgJEYoVz22x-VsFNSEtG8VanfHxAPh4hEzOjHdImQklXvmmxO9JMx51occGq62nSM4QcDE7PpaCd3JnSSl2_WbL22F2J_IZ7i3JQlGfcvUiAU3-gBc-RF3V2sbDUpUo5HX68muykY6Lzbk6NGyX-h3YAURwvUvsjDfWErUdZvFTAaJU36cbC5_PYa1anEFRdIP5g48qT0JWfz-CctehR1hZJc1ClOss6HLmpylGZ61myXaaEpLxP4sc2N9CSRmpRLTND3XrHRHMNAI_XgcXlV7gwwqh6d1e95xNg_9_UDdpA04-lW158GPO10zylCL7JVRGZkXkAAvblR7HEHT8h6QIP3UVrf8omwD9BudpjTVh3eKIw4nQdsD-Pk4xEva1svHNON03ddMWn7MX4HYDgGDSLZt-QMKI9P6UT3jVkskdDW-OgCnTYnclf5CahopuLtH0Eg12LWGuYIBCDFnmT69BkgJxql2_6BvmfDELpMwz849BaG9iP1_PB3vnstZolyIivSYuK3TNV0UUD32fXVzMwx5Gs2MYGP0v22PzAg5z3xbnW0BruvuMNR9_F66bz9e4ZCeqM2w9Fci09rMZ2VTHSBaAZRsFZEsCWBNH-DnCJFRimN5i_D-6Z1hzVpA3RGDOL1Cf7huDv_GNN5nafwTATeTaIvHGagp_kS8Ai4vArQu2fZsHsyJZhIOhzpMjmz8-hqRAljOGwTa9h8Nx&sai=AMfl-YQPGL9X3pxc2lU81J5r_RBOc2AF_bAglERWqnMAnve7-aUyulIQ-5lTBX58SPipTBzuW7vRTjmJIzTecVl9RYAzed5sPDdc4bg7YYPs-fnRjS7dJCC2Z6WTbENJqLZ5KP4frhxVzdu4y_oPJznYqwyFteiLR7sajxe_HmM4SmozjvbKJD2KFBidQJik-eFgIFMj2VI0iLtHxM0UNfiO7qLWWIrwQ70ON025zg9sm8yrIc_dp4ChACAodHAt4kg_0H20Xx4li96tnheo5JNAfuZYhTKvNG0tIA4ZSFFBA2oGbHDnKsPWPcnbr4zLpfcNlF7UN0qfe5q7mMBIBXSQ0V_ixqmBHDao2SFqEHPcyYcWrDeYTWjEjIuPCjc51lykGVd9M24PLWnfB39WoQbp8ewtycTtAh9bg6LbyUf4mZJLBsYxV6nSrhw&sig=Cg0ArKJSzBzgw-z8VlWUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYW52YS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231109.64716&arae=0&ftch=1&adurl=

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Nov 2023 17:21:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 73DD 41 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 73DD 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 12:41:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D60C 1 KB
643 B 16ms
14ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 10:52:10 GMT
etag: 48472445140208031
expires: Thu, 30 Nov 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 73DD 20 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:16:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 73DD 42 B
63 B 52ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AiwTe-OutLP5osvglf4XzgAmbuY-k1LFN5U8Yi3_F5NramovHwj1qM6sUtaRz3yeN3p4funDMD0AihbuTTFa5EBsTM8OsaqMWPRa8NC2E1qNryyPs

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 73DD 0
0 24ms
22ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4UT8gyGsfwYv_XutSuHvG5nSoDi2ZoJiY45bfDId44QEOfxP3pRML79_IYIcex2VAf-B4cws3sY9gFc2qwywv0WQO_w
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 73DD 202 KB
64 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:21:09 GMT

GET
H2 200 5048595126434530922
s0.2mdn.net/simgad/ Frame 73DD 415 KB
416 KB 16ms
15ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5048595126434530922

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9244ce685f7367277cff6725c89f999cc8c6e6f53a9b0d4334912f222d351301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:28:06 GMT
x-content-type-options: nosniff
age: 168783
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 425432
x-xss-protection: 0
last-modified: Wed, 17 May 2023 13:17:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 18:28:06 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E70F 640 B
262 B 62ms
61ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARimzbP8ATAB&v=APEucNWf_zi3yL2s6YTQzxT2T7Z8ztakHp54OIPaJwz_tJGELySRMlq_vkFiAdRzBE2kd58DVQiELew7WQgJXTpttDj5YFFDs6dTOkkTLFOleXig6vlHpzs2WDHLHChTl9pONv4KTq6LfV3EMWmAYWnbMH3WDQDnUcm95fAaYlw-YcqfUSYQzSo

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame AF9D 172 KB
60 KB 54ms
19ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Origin: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 16:17:22 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame AF9D 7 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 14:44:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame AF9D 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 15:58:47 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AF9D 41 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AF9D 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 12:41:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 699A 1 KB
643 B 18ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 10:52:10 GMT
etag: 48472445140208031
expires: Thu, 30 Nov 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AF9D 20 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:16:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF9D 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0n2D5S1TfzihsF5EquNjsA9WKQsNYxYvhGhRmnw282BfQY5iu-ObK9T8J2T1VNt2bUPsC8dWG2CgIoWi3ABMx-NrMDY1S469p3Lj_oaERPrCNVfc

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AF9D 0
0 24ms
20ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCPOeDhaj-WQnO1l-Ss7reojUMN8t71SI0kdaqsgQBTVQ6IYrH3FRgh_LMSqhxDtTwWv9aTuNiOyV1mXDvB3NeuIHuuA
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF9D 202 KB
64 KB 132ms
131ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:21:09 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 59CD 38 KB
13 KB 17ms
15ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 309749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame D60C 0
104 B 117ms
69ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOC9lH2JaOnY16_ajKi2tOg&google_cver=1&google_push=AXcoOmRB3HVAiwlmmokdcGoIHpWmwc7AWEUH_QxhGKvItiUYT238PuNU1B-wq7b_iWDuTjCXr5RjMhXBGc3CmdBQxkuct6m9wt2KfA
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D60C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEB8qeCkG8ohyALVCbqhjKiw&google_cver=1&google_push=AXcoOmToJy8arWUPNulb2c1FzPhc_Z01zSOjqPTL33gzW_7ivmztpY8xQna5HMDuYJOP3CmkXZ0eFNYzG-b9_zQKYQFhRUc3Vktg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA14A09E16854643B3ACA07474D23E7C&google_push=AXcoOmToJy8arWUPNulb2c1FzPhc_Z01zSOjqPTL33gzW_7ivmztpY8xQna5HMDuYJOP3CmkXZ0eFNYzG-b9_zQ...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA14A09E16854643B3ACA07474D23E7C&google_push=AXcoOmToJy8arWUPNulb2c1FzPhc_Z01zSOjqPTL33gzW_7ivmztpY8xQna5HMDuYJOP3CmkXZ0eFNYzG-b9_zQKYQFhRUc3Vktg

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Nov 2023 17:21:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA14A09E16854643B3ACA07474D23E7C&google_push=AXcoOmToJy8arWUPNulb2c1FzPhc_Z01zSOjqPTL33gzW_7ivmztpY8xQna5HMDuYJOP3CmkXZ0eFNYzG-b9_zQKYQFhRUc3Vktg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 28 Nov 2023 17:21:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D60C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJUt6-UXLktvYXbUK73EbCE&google_cver=1&google_push=AXcoOmTKuge4FNgzKdYzS4FE7VWtTRooY24ZtUg1OMjuTZk8m7hCZl9zpaH0aLfoSZyLbIUPG1zIdMU4...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJUt6-UXLktvYXbUK73EbCE&google_cver=1&google_push=AXcoOmTKuge4FNgzKdYzS4FE7VWtTRooY24ZtUg1OMjuTZk8m7hCZl9zpaH0aLfoSZyLbIUPG1z...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3OTIzNTM5NjI3ODI1Mjc0OQ&google_push=AXcoOmTKuge4FNgzKdYzS4FE7VWtTRooY24ZtUg1OMjuTZk8m7hCZl9zpaH0aLfoSZyLbIUPG1zIdM...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3OTIzNTM5NjI3ODI1Mjc0OQ&google_push=AXcoOmTKuge4FNgzKdYzS4FE7VWtTRooY24ZtUg1OMjuTZk8m7hCZl9zpaH0aLfoSZyLbIUPG1zIdMU4PdFTQxIYBblH49w5JNPmBQ

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3OTIzNTM5NjI3ODI1Mjc0OQ&google_push=AXcoOmTKuge4FNgzKdYzS4FE7VWtTRooY24ZtUg1OMjuTZk8m7hCZl9zpaH0aLfoSZyLbIUPG1zIdMU4PdFTQxIYBblH49w5JNPmBQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame D60C 43 B
245 B 64ms
18ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELo3EqBisCF0Pr1emfoy7q0&google_cver=1&google_push=AXcoOmT4tvJS5VYftuHyR_5OAgFpgA9D4zHPaH_d3LOxmWlngxNb3-ti62S1qVZmohhtItVIaMKmrBwp1P6vNnAATs0Zsox5Vg3_Ww
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D60C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDnBXC_PfKE5YNg8_g-p6ms&google_cver=1&google_push=AXcoOmQqxmZ20UtuSNJFs6GIiAph9La9PsSInSPUihMAL59mkvhGRvBbmPJhO7IGvSwazGqhIbY...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLMTlXSFktUy01RldT&google_push=AXcoOmQqxmZ20UtuSNJFs6GIiAph9La9PsSInSPUihMAL59mkvhGRvBbmPJhO7IGvSwazGqhIbYKRk1EWHPHJAWskcHPjN1o1wSstA

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLMTlXSFktUy01RldT&google_push=AXcoOmQqxmZ20UtuSNJFs6GIiAph9La9PsSInSPUihMAL59mkvhGRvBbmPJhO7IGvSwazGqhIbYKRk1EWHPHJAWskcHPjN1o1wSstA

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLMTlXSFktUy01RldT&google_push=AXcoOmQqxmZ20UtuSNJFs6GIiAph9La9PsSInSPUihMAL59mkvhGRvBbmPJhO7IGvSwazGqhIbYKRk1EWHPHJAWskcHPjN1o1wSstA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D60C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAABKkAAAIB&google_nid=index&google_push=AXcoOmRpr3PuafjyAGLgDb_3twBgDEQ5A_LQL...

170 B
188 B

31ms
23ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAABKkAAAIB&google_nid=index&google_push=AXcoOmRpr3PuafjyAGLgDb_3twBgDEQ5A_LQLcV4sYmL89wzCuUQi0TuImM_pEzxbVL2WGJZ8En4OwSaEQ2jN5kW3r691ABa3VeqPw

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMoEWw4hOqEJKnh%2BcQjDFFMqS%2FAoAxYut48ZoFYHUZTAwi04aGOqbnAsDaS5dhUzTdsOWnR7%2BoNXoMtXPa5%2Fajyjc7DOoFLCJg5sKwGmSKV4Hv53tCtA5zazbHsi%2FSzWpLv5%2BeGLVj6fLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAABKkAAAIB&google_nid=index&google_push=AXcoOmRpr3PuafjyAGLgDb_3twBgDEQ5A_LQLcV4sYmL89wzCuUQi0TuImM_pEzxbVL2WGJZ8En4OwSaEQ2jN5kW3r691ABa3VeqPw
cache-control: no-cache
cf-ray: 82dc8682985f18db-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D60C 0
12 B 27ms
24ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-wKMomgk89M5I2B4lQ90QljmMv5x-T2Gfa7uJi5wdRkA1nRILvuYmYcI10Y-WTw

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 73DD 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60b087588e66eede2b1f17175da45ac5685e9f6c11a9b20824c251a813e6f55f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 699A 0
103 B 106ms
69ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOC9lH2JaOnY16_ajKi2tOg&google_cver=1&google_push=AXcoOmRZMLjw3JMfRUtDtpaoaKsRIqxNFzEUsvrTTZARZxNLntWTutDvBEBhu4Fz3Z2mlKVHsEfqcv1dp90AI00C48Tmxsr7jobd
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 699A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEB8qeCkG8ohyALVCbqhjKiw&google_cver=1&google_push=AXcoOmRCWDesXaE_BOk4la7fkzH1XsDlnRf4_QN8cCpG5kn1NLI3bYMP8nXPjvPJK0k0U4VIxCwqdY-Mvke7prVo-wXPeYawcL1n
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F2E3F4819D6C4C429C723DE71EA201A0&google_push=AXcoOmRCWDesXaE_BOk4la7fkzH1XsDlnRf4_QN8cCpG5kn1NLI3bYMP8nXPjvPJK0k0U4VIxCwqdY-Mvke7prV...

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F2E3F4819D6C4C429C723DE71EA201A0&google_push=AXcoOmRCWDesXaE_BOk4la7fkzH1XsDlnRf4_QN8cCpG5kn1NLI3bYMP8nXPjvPJK0k0U4VIxCwqdY-Mvke7prVo-wXPeYawcL1n

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Nov 2023 17:21:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F2E3F4819D6C4C429C723DE71EA201A0&google_push=AXcoOmRCWDesXaE_BOk4la7fkzH1XsDlnRf4_QN8cCpG5kn1NLI3bYMP8nXPjvPJK0k0U4VIxCwqdY-Mvke7prVo-wXPeYawcL1n
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 28 Nov 2023 17:21:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 699A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJUt6-UXLktvYXbUK73EbCE&google_cver=1&google_push=AXcoOmSC2tAWBw3wamsoviP9mZ9z21CjcP4PVgHaN6AuIQsdhySiEuvjRSt5V-yAe3chIqYSvtME3_X9...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJUt6-UXLktvYXbUK73EbCE&google_cver=1&google_push=AXcoOmSC2tAWBw3wamsoviP9mZ9z21CjcP4PVgHaN6AuIQsdhySiEuvjRSt5V-yAe3chIqYSvtM...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM3Njc0MTM0MDI0MDgzMzA1MQ&google_push=AXcoOmSC2tAWBw3wamsoviP9mZ9z21CjcP4PVgHaN6AuIQsdhySiEuvjRSt5V-yAe3chIqYSvtME3_...

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM3Njc0MTM0MDI0MDgzMzA1MQ&google_push=AXcoOmSC2tAWBw3wamsoviP9mZ9z21CjcP4PVgHaN6AuIQsdhySiEuvjRSt5V-yAe3chIqYSvtME3_X9uUpKUdLAxk5tICP71Jmu

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM3Njc0MTM0MDI0MDgzMzA1MQ&google_push=AXcoOmSC2tAWBw3wamsoviP9mZ9z21CjcP4PVgHaN6AuIQsdhySiEuvjRSt5V-yAe3chIqYSvtME3_X9uUpKUdLAxk5tICP71Jmu
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 699A 43 B
103 B 54ms
19ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELo3EqBisCF0Pr1emfoy7q0&google_cver=1&google_push=AXcoOmTmNUzWm0ESXvdmiVAF8Kx5K3UXbKHl3Hsh13snG1ywux3zGwxNzAbBteCEpYIFU_4D7-04Q99b8o0B5FY7Tz8uYcFmnLNS
Requested by: Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 699A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDnBXC_PfKE5YNg8_g-p6ms&google_cver=1&google_push=AXcoOmRVaWbChe5yQllhgX35Q93Xar7IKHqwgD2ekP7fkVdnbM-KmgmD1H05u6fNkftUp2GLErQ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLMTlXSFYtSS05WVJD&google_push=AXcoOmRVaWbChe5yQllhgX35Q93Xar7IKHqwgD2ekP7fkVdnbM-KmgmD1H05u6fNkftUp2GLErQj2w3XO9X5oFvDfR8uKpwUrH95

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLMTlXSFYtSS05WVJD&google_push=AXcoOmRVaWbChe5yQllhgX35Q93Xar7IKHqwgD2ekP7fkVdnbM-KmgmD1H05u6fNkftUp2GLErQj2w3XO9X5oFvDfR8uKpwUrH95

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLMTlXSFYtSS05WVJD&google_push=AXcoOmRVaWbChe5yQllhgX35Q93Xar7IKHqwgD2ekP7fkVdnbM-KmgmD1H05u6fNkftUp2GLErQj2w3XO9X5oFvDfR8uKpwUrH95
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 402fba8a82f093def2459220061c8d31
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 699A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAABKkAAAIB&google_nid=index&google_push=AXcoOmRW1h0hU9_cgO7kBwcyt3rD9llvAlCUg...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAABKkAAAIB&google_nid=index&google_push=AXcoOmRW1h0hU9_cgO7kBwcyt3rD9llvAlCUgtzhLRDE1zNYqYr3oE6F2m4Lkk7_SD9SEPGb4mJauouyPO18KrSx365zImBph9De

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuMzvjxj2ZqItuDV9GHOatClV61SvLB9b67gMLg3ZTmNgCZeZ0W6C8A7XgRhGsWGNkqqc0pTFyR1zsoze0kDFdjNAE0xXD15fICkb0mCj0qHU7RNQRC36fkSCNtWeEuWsCl7WtDXckXrOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJy0y0PrPKn-b8VM2oAIjmA&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAABKkAAAIB&google_nid=index&google_push=AXcoOmRW1h0hU9_cgO7kBwcyt3rD9llvAlCUgtzhLRDE1zNYqYr3oE6F2m4Lkk7_SD9SEPGb4mJauouyPO18KrSx365zImBph9De
cache-control: no-cache
cf-ray: 82dc8682a86f18db-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 699A 0
12 B 32ms
31ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6ZB0y4R_lYKIs_uucU8DbFqSEfHDoXl96SKbwosX2oqnf9XTJlv7FAIRDqrYFEQ

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6773 38 KB
13 KB 20ms
17ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 309749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 59CD 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 15:18:01 GMT

GET
DATA 200
OK truncated
/ Frame AF9D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c8388e50e961fa519d4cdbe6af42a00478c3c81bccc9d579256d585bab19bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 343B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1

43 B
732 B

24ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNWpFG3VDmxJpsbVExARbuRBDVf9z3QtVTFidjIKqpNAdhkJWBr997_dJGTf8x6vhBF3laluikoWeS1X8rfh6gsokF5gar36Lce12lsxOJNkYr646U-JLXqmpPT_yIW9cGSePo2ZMZWSIuzWoxEIKNzzg3uP_04EhBDWztl9wdRFfY9BEck
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vl1CBlZNhtHrPs0%2BFiNLnJF5Vg6RVFGL%2F42SZ44WmsCMqA0YQ67zkZzskItnftct8yizciolH7XmnVZU4spjrBhVGo5fFWRG5YIBT0xgSTrNVnM5TQn53WNf3pu8ksbS5icudS1%2B1vFDzA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dc8682ef05bb85-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 343B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWdzA7WnK5eqQKjLHFBrpAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1

43 B
740 B

24ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNWpFG3VDmxJpsbVExARbuRBDVf9z3QtVTFidjIKqpNAdhkJWBr997_dJGTf8x6vhBF3laluikoWeS1X8rfh6gsokF5gar36Lce12lsxOJNkYr646U-JLXqmpPT_yIW9cGSePo2ZMZWSIuzWoxEIKNzzg3uP_04EhBDWztl9wdRFfY9BEck
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iS%2FxeeCvPixSJtlkQ%2FISVBvzJoLv7yq5g%2BJqyLjLOpYDxdA2zoGX5%2Buo0EhNgegYHBs7ixLj9Bussyv9PC8jrdKJ%2BdFmorOJkCspNCF3AYXxq9fyHVnH%2BJPpGZUB2KUg59%2FAIBNwKNkMBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dc86832f4fbb85-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDF3N0OIhk4lyXA6BqmSj4Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 343B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGQ2zwI1_J8A8swFX-5e764&google_cver=1

43 B
841 B

40ms
39ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGQ2zwI1_J8A8swFX-5e764&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGLTPsuoBMAE&v=APEucNWpFG3VDmxJpsbVExARbuRBDVf9z3QtVTFidjIKqpNAdhkJWBr997_dJGTf8x6vhBF3laluikoWeS1X8rfh6gsokF5gar36Lce12lsxOJNkYr646U-JLXqmpPT_yIW9cGSePo2ZMZWSIuzWoxEIKNzzg3uP_04EhBDWztl9wdRFfY9BEck

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
an-x-request-uuid: 9b0712cd-2dc7-4b4f-806f-a7ada6852db5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGQ2zwI1_J8A8swFX-5e764&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 343B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyMzExMjc3NjQyODQxMTYyMQ%3D%3D

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyMzExMjc3NjQyODQxMTYyMQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
an-x-request-uuid: 7364584a-3696-4485-a16c-69afc8801ae4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyMzExMjc3NjQyODQxMTYyMQ%3D%3D
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 6773 39 KB
15 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 15:18:01 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E70F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENisnsw1b3FT2vD39YAijvQ&google_cver=1

43 B
114 B

20ms
20ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENisnsw1b3FT2vD39YAijvQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARimzbP8ATAB&v=APEucNWf_zi3yL2s6YTQzxT2T7Z8ztakHp54OIPaJwz_tJGELySRMlq_vkFiAdRzBE2kd58DVQiELew7WQgJXTpttDj5YFFDs6dTOkkTLFOleXig6vlHpzs2WDHLHChTl9pONv4KTq6LfV3EMWmAYWnbMH3WDQDnUcm95fAaYlw-YcqfUSYQzSo
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENisnsw1b3FT2vD39YAijvQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame E70F 43 B
131 B 31ms
19ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARimzbP8ATAB&v=APEucNWf_zi3yL2s6YTQzxT2T7Z8ztakHp54OIPaJwz_tJGELySRMlq_vkFiAdRzBE2kd58DVQiELew7WQgJXTpttDj5YFFDs6dTOkkTLFOleXig6vlHpzs2WDHLHChTl9pONv4KTq6LfV3EMWmAYWnbMH3WDQDnUcm95fAaYlw-YcqfUSYQzSo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame E70F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESECAdPrsj6A5Ykc-38upEQdo&google_cver=1

23 B
163 B

43ms
34ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESECAdPrsj6A5Ykc-38upEQdo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARimzbP8ATAB&v=APEucNWf_zi3yL2s6YTQzxT2T7Z8ztakHp54OIPaJwz_tJGELySRMlq_vkFiAdRzBE2kd58DVQiELew7WQgJXTpttDj5YFFDs6dTOkkTLFOleXig6vlHpzs2WDHLHChTl9pONv4KTq6LfV3EMWmAYWnbMH3WDQDnUcm95fAaYlw-YcqfUSYQzSo
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Wed, 29 Nov 2023 17:21:09 GMT
pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESECAdPrsj6A5Ykc-38upEQdo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame E70F 23 B
163 B 168ms
125ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARimzbP8ATAB&v=APEucNWf_zi3yL2s6YTQzxT2T7Z8ztakHp54OIPaJwz_tJGELySRMlq_vkFiAdRzBE2kd58DVQiELew7WQgJXTpttDj5YFFDs6dTOkkTLFOleXig6vlHpzs2WDHLHChTl9pONv4KTq6LfV3EMWmAYWnbMH3WDQDnUcm95fAaYlw-YcqfUSYQzSo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Wed, 29 Nov 2023 17:21:09 GMT
pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 73DD 0
0 56ms
55ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssJ5q9dXY0xffdoVN29WSIH01ZOJVLbZXR696SYZ8Zkdp8y6s-AJ-fA3NKvRRWgQ3e5sBalYy9_fWoRtlEtx5r-oyuocDGmveu6AaVtuLuXIm6PyQMKT-3euz41b-NNWA8N-5u9Fq4JKXzX3pzh7oB2N1Qsre9_LmQEiucv7N7G892wOaDVKRjRN1j-pHSE2tLc6QgGJPPCN8dRUck0GyFhlEZHJDz95HellF8LrHChR-Te1_kpGSL8Bw7hJtHZKCQaDQi79JrrL2EqkwUGqaKJnM54-YguBKRx4gm2YSFuWH-MFS7tsTM-SG5YsCClgZoGEyPiLSTLksI27Oi0kQpY9N8oiAl9Oe_0nBASAjAlr3anQevPQellp20toNNFCoWJWsn-Phv0JvgHMezXzrhigUKfId4Ud5m7UioajtAXJkkB8AmsgnomIMss65uyzBzs2HQOSM67CVetTXsVWLDhJxd2TlRtbzKXjD6zPkl7o90cMYMRt3zU5bbw2s0BL_wTujxJX6mGqaULfcVHse--yO-vq7LEK78QSAatse-a0Z-pigMbhEmXjqZEWm4thrix7WXuZXYowa0RKUH1BYT14WGBqNn1hAQkMz8XNzlwjFMlaRgsj4n7Imw8dfPnKt9VbvLMcSAyt8DF_8IhOKoKxSS36sKTARMKvMKmbxGrQjaoM_EonT59tB_JivoKIGEqMeWH-d54x5jfyP-wWaMt95BQammuqnEkA82bXIyFjWfy5ma8fN3ko2QBZwLn6pcsinIC3sc84Gbnk6-lkdPIo-VkCaOrO4q9Iw37rS9oYw7e4mlB1XvdVb-UkF1U4a_051eSKkgJEYoVz22x-VsFNSEtG8VanfHxAPh4hEzOjHdImQklXvmmxO9JMx51occGq62nSM4QcDE7PpaCd3JnSSl2_WbL22F2J_IZ7i3JQlGfcvUiAU3-gBc-RF3V2sbDUpUo5HX68muykY6Lzbk6NGyX-h3YAURwvUvsjDfWErUdZvFTAaJU36cbC5_PYa1anEFRdIP5g48qT0JWfz-CctehR1hZJc1ClOss6HLmpylGZ61myXaaEpLxP4sc2N9CSRmpRLTND3XrHRHMNAI_XgcXlV7gwwqh6d1e95xNg_9_UDdpA04-lW158GPO10zylCL7JVRGZkXkAAvblR7HEHT8h6QIP3UVrf8omwD9BudpjTVh3eKIw4nQdsD-Pk4xEva1svHNON03ddMWn7MX4HYDgGDSLZt-QMKI9P6UT3jVkskdDW-OgCnTYnclf5CahopuLtH0Eg12LWGuYIBCDFnmT69BkgJxql2_6BvmfDELpMwz849BaG9iP1_PB3vnstZolyIivSYuK3TNV0UUD32fXVzMwx5Gs2MYGP0v22PzAg5z3xbnW0BruvuMNR9_F66bz9e4ZCeqM2w9Fci09rMZ2VTHSBaAZRsFZEsCWBNH-DnCJFRimN5i_D-6Z1hzVpA3RGDOL1Cf7huDv_GNN5nafwTATeTaIvHGagp_kS8Ai4vArQu2fZsHsyJZhIOhzpMjmz8-hqRAljOGwTa9h8Nx&sai=AMfl-YQPGL9X3pxc2lU81J5r_RBOc2AF_bAglERWqnMAnve7-aUyulIQ-5lTBX58SPipTBzuW7vRTjmJIzTecVl9RYAzed5sPDdc4bg7YYPs-fnRjS7dJCC2Z6WTbENJqLZ5KP4frhxVzdu4y_oPJznYqwyFteiLR7sajxe_HmM4SmozjvbKJD2KFBidQJik-eFgIFMj2VI0iLtHxM0UNfiO7qLWWIrwQ70ON025zg9sm8yrIc_dp4ChACAodHAt4kg_0H20Xx4li96tnheo5JNAfuZYhTKvNG0tIA4ZSFFBA2oGbHDnKsPWPcnbr4zLpfcNlF7UN0qfe5q7mMBIBXSQ0V_ixqmBHDao2SFqEHPcyYcWrDeYTWjEjIuPCjc51lykGVd9M24PLWnfB39WoQbp8ewtycTtAh9bg6LbyUf4mZJLBsYxV6nSrhw&sig=Cg0ArKJSzBzgw-z8VlWUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYW52YS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=88&vt=11&dtpt=87&dett=2&cstd=0&cisv=r20231109.64716&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 54C7 47 KB
12 KB 50ms
49ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:09 GMT
expires: Thu, 28 Nov 2024 17:21:09 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame AF9D 0
0 60ms
60ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstU9EWwdiXSfBFuewUrreNLm57xypsTCtxMeeZKp1os_-_ans_Wm8PWRwezNzcsNDsmNs4jswxJYsihmULYcyeyEgusNemWkS2xCPcQBBSi6rhr-erw2FdEatoC2DqVONkxza9JyuQRaVSXToYhdDNCKUgq43F0Rs4-7vcQ3Vvoi3YKta6rBRR0F9wfFyCb7fnrnGuVIeJR_4zN24plKsMlv24GkJxcLmwRm83aoKZu3EmGUVIHHFbv0lhA3DXWvFZa9e0F7gjkXP39iHX6NQBVHavVk40HdI-K_5tHOjnKelzvAx_dR2R1J0-U1ZokRuhkE5Yveb4-6l7i752ENFPr5O5pLA1uSEV3KGK984Ff2LfqWplbYYzmcWnQlA3RubzsxuK_ivREw9JvySoifAdDJxqfKVBWXaHso443fXRcHhZ1LSuxRlSHl7OqR5AjKFH1-S-f7NPv6d_l7Lu05MC0a_9u5UdHYoqtyAd3XllB8NYDUA2fhU3e3nfeI6FHCeWSBiUtJkIZzNMZ9cBK46ZzhtOT5mMnxSQHW0ORBdWxbK4U9klOsd8u9w6UV9Aw5pQPsPlP5Z5ynpxWjCNAXzbRQibRvY8bRiZNefkZdsvmWSnKD01-ZzzCEJ4-_mnxDYJlJBdLpl7Z0Za8s_d4EQadseW7RbXQ4_Kkxm0BCQY18-hFKx-O5zCS9-Jr8GXAKfGsJvbm9LM7JGjnB6lLRm-EfQAHXf-o04ulH14F-crY6vDMMHaYwLJrotDX9Vi8KHlz2mHujB1m2WEv2wvqz6vSsu_StVjPB1GcyedWRj2FG6_4Jy_0PCWtLSiM8C6B3lHA23o3NP_wRyflppYwWTyCqiNkp3i432_jXDItWLbnMwjtxzVxGRpF-LOoFnhx_LzUDIzFN15Mqf-ImSNpkP1hrRGmNaQgP2lK0gsCvr39-SqXeX2NApOvVSkfg5jQhDI2ZJoC73aVY8-BQztHeOBQ6Jdg82IcKbgHaJht-ZJcg2WX8LlgHjsUHUtZlZv-esqAY9trqdRPXOq6_1zmvRfWURIu_HsgKqZoK4GUALnboW2oFwdriUex6mSAwy8CqLiEq7z4xySyTe5D6UnimUVC40AFWxMfwkxH7lrBjKPJV_Ox63hjCoxVmbRDzjY7CePyZw3b7rYJeseCNtaShKXq56sTUvbxasEYUWwWIvcXsTi7igjkbRtxOA2i2JhlNdUjtXGaAP1G55j31VHw6bJ13F1y_X271AFwUbBouNwD_-KYpyVZypZEJwrqsIqHAMTPnzsLyOg2NfToeUvTT4v32hgjqv6DYe6A4ypL4MFGtpEO4WHKZC3fu68U6XkwIsBLI_zgHCpOs8SOBMn-4T2eCqtpHx1JNMNlIzohGh3nzKbetqCbbJc_cUeT5qH8Exbsg5Bk-qfzWGVSbk7jXCsRUv4WA-_HAcvWrvhbKFiGLF6wo429qdgrNTdswUdYfCS09fUj15uS5-9Tz-1FNj6ZUr5gFVn52tLarxdRaPm32Z1aGWslEfdO06_3K_mBy65u524HHvrvy1JCHb4zmU6Sy_YK1NmFD_aja4B53ndEl9pAaJZaxNlNLHtVS_3WJDKH1mPkI0W5k10t4g&sai=AMfl-YSs-FqmOlmOGrr19-2RAxZtMfPBWOgNyI3X319Mzh535h43WGMkklpin1X1GCNTRr_Crg0rDJXOJiil4HIOrwRZSFkZQjV8swxA_2YdfAHTucHHrf0dexx6L4Ks2nQXNmZtyqR3ltde5mR-iTPffrSmly2V8h4mFf5fCQu3Tx_eiTzVdbPTuoY3eCASF1hHCuGxCzqGgFomaDjVVgbH4kGzwFkHidB_T5WwWUocHXEBntJGKmhBDbnQRiaKKMfOWdO9Jiq9pCjKWJs9Aufu1CwbXO0dl3fQmdLyD_TQHif2hjQ3BIaCYetY2O4h_b1cEKnrApyTh-v5N5VfvtQxrsNXKc0oim5uWfGgjbqVPMw6Ij_IUWqRk-fYBbL1pAlRExgsF_ImWeytkhtt9gs8J6hyu1MnQbCanya-m78sa5_TgWDazMDTjw&sig=Cg0ArKJSzCM9nVR_lQ2uEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=87&cisv=r20231109.85252&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Nov 2023 17:21:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 54C7 118 KB
40 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 04:12:33 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 54C7 63 KB
25 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 17:21:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59CD 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcuZ3BHNnZdWHNsaYjuwP4PadsAgAAAAAOAHgBAI&bg=!iomlicbNAAZxrfrxUa07ADQBe5WfOJ19lIUzFDh-fvPUn2yS4ZUtiLgQ3SfOrIQ1RKGME32oVdGVPgagFZobSvGMqaC9AgAAAG5SAAAAAWgBB5kDKf6-7ygT1KZMujGNG1tgLds8GfR0c4q6QUS2sdgnDulBDlRcoBkYkan_QU69AdYvlbZPP1hMquHWgph_4PLUExzIRt5fTvnjyGfz_zt_IG4Jh6sb6Wo6wIYnV4Inh4ZJc9L5dKRCLvz-rLSjMz609qZLZHqBo1e7fVDs6o47h3WCAilhFwh5BMxgTjmP-wqnJzGUs4C1-56hUg-gnHem-4ANXL1IcG4x9GEkZ1oYdFRbtO4H2LmLgWtejVknUwuya8IQ5pfbsF2qZ57Ofh7choVUA6dmaSpiV-A3GGQEGmOKCUZiXVrNksfsIPMnDxRb5iUz7jIL3DtsB66K_x49wGE075tqNkMhKofIxkppeuzh3mid63iRbLKymNoOWlnah1lpp50M49i-fyK2ZbfzmmViWDbhyCsKZwMUiOIFYNtyOQgjv1a4KFGzkIMw3K9HrCO-M1oRkQ-VDDiO1oQ8hBR7LRbIrZAceouwZpC1jhxDjzC77Ge2lrkJ4KhrgrjjjNJNnIiqNHMd6VkwhLdh31_hZBjKpRhactKx-TAVUvdxpZeZYb8ahCGlmdk7j8iwtCY4bxXXnoUhBQJ94AKcp0y7I6xdS1QQXEcMvrdLI2q18u0nh028IDliPjf2PNEaxlFLKboQPC2aaNf35Bd-oRxxtNfF8d7CssN7W--4MT23GZV024nB_YRMYqFnHsJeFHDzNIdZYVg7H5-0vYraLcWObtOY2CWe0Jrmvzpoz8xgx_3XFYm1wMKnP8UJSI0QvHW1lXVJdcHbkEKbjMcZFlGSa5h4uDgL2SSKV-fuM57mPPIxi-yJ25m4tcWZuXGUnl6vmXL1fj6Y_371vfIwP29arnN5ANPPI6D0SLrF6tHr_qMxGkzT7oVY3eUlBMXFR3TzFOiabZPK4guaQ0BSvfdKm5zBpty3Hb6iuCGvlAXy4FQHACyDDd7LKjB398VGDT0mZA_fSVMGuO5RgwMsQkBOYCoiutgVUPIC-X0pZpQBfLvs1-Ssrz1DavxskeT_PnHEzl0XduwBTmfLXmre17KSsO5yaHlynP21E_Uk2VlzLYzj1q1FIqKu

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 54C7 8 KB
6 KB 105ms
56ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff031a7c21194a138ccdc0089b95dbc769915e0986f21509d207772460f05af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6002
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6773 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BeycwBHNnZdaHNsaYjuwP4PadsAgAAAAAOAHgBAI&bg=!W1ilWBfNAAZxrfrxUa07ADQBe5WfOJAqzZyXnxp3bl-zKR9Ijwft5oyS_Sc7udRdhrL3FjOV4jCB0qIqpayo2F5acurTAgAAAHBSAAAAAWgBB5kDB45awPF5Isqwm9tul-fnXaOACEEL9DSsYFBcCWzH4hvQVb4i70Ew6vW7KzC0rYQJAsMgDa9w7KJN5OA9c3xUC4fQaToHmgMG7O8XIOwkK_3dLpPNc3LcxNsHsqrIn5-18cV6gDmYf3cgmGNE4i-8RmppTV_ZP_LpEyrO5bt4HsIXbT89XQTrrrnnHRTtf1pZboweyhMQPtz10VWJvmC7Nbclvx0xrX3mp7oNbhYppTnZ2t_rxIpJChHu1IWoLvLPrvbkveKIW0KY9_lFoq4gCzSedwadRu95KEPTC203JZo8Rq_MsGy1hLmk9tEdp2-k4egYQvMd0XTT1WS6oKHkJyDBWnKJtddfNhJncd5Mip8UO3qUZILjWrwinSJTqL-PdxHAz-3jYDPPIeJjR4xAl2YWdrlZDcCoJtGNY8nK3zWwX5kASxu0LJRR5ybgYymoWorZgdS5F8NbjnBE6lcafnti5mJ3jgQaY9KYOu0mbLx9ODJlqn62FUx9MeaLjaBiqVHIQUdVJI6Ya45bOQ2anm65pY1JL9sqyNS52koedbug5a8UhTKD2fYhwmaKkbJPq5J-sPMicChW0mKj2Ndc_r_T1yv1akSnn4Y1JmPIb9TqIzbEE4kYIOklMRXh72nCCmQyo4PsEg8xRNXTC7Om10qAxad7zeSBz4BXwblrf8WbxZhz-IjUOWBPJKdo792ik5ZeZSngiVsryuxqv9KOmKgmTPyYJMipetWGNQPiiHQljCtCoHSg5msmLvZJlp8FJ7UuzLXhuDmpE0qHoEgUT8NY0Pz192vlyH_y4eM3XmTO7IjH9yVv9qtl-J_9-HHx3tPCDUNekysb2NQ0xSz6m4H2oHeNMQhhNHXorTsmDYPW9c1KUrBzUaxXHz9uXpFlKbSErnpfsKwncNvhGnIZWiUKEFBWbpWspXXHcRZ9ghMMYNJqJO_w6u1PARI5nK-i6m77z1EVjL-OAUSZYcLizOefRkhNvxm0dXPL1t7LCKP_Dd-jVA7hO0slYMjOV1zAeNrxfAs-GGk

Requested by

Host: 31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
URL: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame AF9D 0
0 54ms
54ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstU9EWwdiXSfBFuewUrreNLm57xypsTCtxMeeZKp1os_-_ans_Wm8PWRwezNzcsNDsmNs4jswxJYsihmULYcyeyEgusNemWkS2xCPcQBBSi6rhr-erw2FdEatoC2DqVONkxza9JyuQRaVSXToYhdDNCKUgq43F0Rs4-7vcQ3Vvoi3YKta6rBRR0F9wfFyCb7fnrnGuVIeJR_4zN24plKsMlv24GkJxcLmwRm83aoKZu3EmGUVIHHFbv0lhA3DXWvFZa9e0F7gjkXP39iHX6NQBVHavVk40HdI-K_5tHOjnKelzvAx_dR2R1J0-U1ZokRuhkE5Yveb4-6l7i752ENFPr5O5pLA1uSEV3KGK984Ff2LfqWplbYYzmcWnQlA3RubzsxuK_ivREw9JvySoifAdDJxqfKVBWXaHso443fXRcHhZ1LSuxRlSHl7OqR5AjKFH1-S-f7NPv6d_l7Lu05MC0a_9u5UdHYoqtyAd3XllB8NYDUA2fhU3e3nfeI6FHCeWSBiUtJkIZzNMZ9cBK46ZzhtOT5mMnxSQHW0ORBdWxbK4U9klOsd8u9w6UV9Aw5pQPsPlP5Z5ynpxWjCNAXzbRQibRvY8bRiZNefkZdsvmWSnKD01-ZzzCEJ4-_mnxDYJlJBdLpl7Z0Za8s_d4EQadseW7RbXQ4_Kkxm0BCQY18-hFKx-O5zCS9-Jr8GXAKfGsJvbm9LM7JGjnB6lLRm-EfQAHXf-o04ulH14F-crY6vDMMHaYwLJrotDX9Vi8KHlz2mHujB1m2WEv2wvqz6vSsu_StVjPB1GcyedWRj2FG6_4Jy_0PCWtLSiM8C6B3lHA23o3NP_wRyflppYwWTyCqiNkp3i432_jXDItWLbnMwjtxzVxGRpF-LOoFnhx_LzUDIzFN15Mqf-ImSNpkP1hrRGmNaQgP2lK0gsCvr39-SqXeX2NApOvVSkfg5jQhDI2ZJoC73aVY8-BQztHeOBQ6Jdg82IcKbgHaJht-ZJcg2WX8LlgHjsUHUtZlZv-esqAY9trqdRPXOq6_1zmvRfWURIu_HsgKqZoK4GUALnboW2oFwdriUex6mSAwy8CqLiEq7z4xySyTe5D6UnimUVC40AFWxMfwkxH7lrBjKPJV_Ox63hjCoxVmbRDzjY7CePyZw3b7rYJeseCNtaShKXq56sTUvbxasEYUWwWIvcXsTi7igjkbRtxOA2i2JhlNdUjtXGaAP1G55j31VHw6bJ13F1y_X271AFwUbBouNwD_-KYpyVZypZEJwrqsIqHAMTPnzsLyOg2NfToeUvTT4v32hgjqv6DYe6A4ypL4MFGtpEO4WHKZC3fu68U6XkwIsBLI_zgHCpOs8SOBMn-4T2eCqtpHx1JNMNlIzohGh3nzKbetqCbbJc_cUeT5qH8Exbsg5Bk-qfzWGVSbk7jXCsRUv4WA-_HAcvWrvhbKFiGLF6wo429qdgrNTdswUdYfCS09fUj15uS5-9Tz-1FNj6ZUr5gFVn52tLarxdRaPm32Z1aGWslEfdO06_3K_mBy65u524HHvrvy1JCHb4zmU6Sy_YK1NmFD_aja4B53ndEl9pAaJZaxNlNLHtVS_3WJDKH1mPkI0W5k10t4g&sai=AMfl-YSs-FqmOlmOGrr19-2RAxZtMfPBWOgNyI3X319Mzh535h43WGMkklpin1X1GCNTRr_Crg0rDJXOJiil4HIOrwRZSFkZQjV8swxA_2YdfAHTucHHrf0dexx6L4Ks2nQXNmZtyqR3ltde5mR-iTPffrSmly2V8h4mFf5fCQu3Tx_eiTzVdbPTuoY3eCASF1hHCuGxCzqGgFomaDjVVgbH4kGzwFkHidB_T5WwWUocHXEBntJGKmhBDbnQRiaKKMfOWdO9Jiq9pCjKWJs9Aufu1CwbXO0dl3fQmdLyD_TQHif2hjQ3BIaCYetY2O4h_b1cEKnrApyTh-v5N5VfvtQxrsNXKc0oim5uWfGgjbqVPMw6Ij_IUWqRk-fYBbL1pAlRExgsF_ImWeytkhtt9gs8J6hyu1MnQbCanya-m78sa5_TgWDazMDTjw&sig=Cg0ArKJSzCM9nVR_lQ2uEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=242&vt=11&dtpt=150&dett=3&cstd=87&cisv=r20231109.85252&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 54C7 47 KB
47 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:15:16 GMT
x-content-type-options: nosniff
age: 353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 17:30:16 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 54C7 46 KB
46 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:20:38 GMT
x-content-type-options: nosniff
age: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 17:35:38 GMT

GET
H3 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 54C7 2 KB
2 KB 30ms
29ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:12:25 GMT
x-content-type-options: nosniff
age: 25724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2040
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 10:12:25 GMT

GET
H3 200 60005582_20231120053512071_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 54C7 25 KB
25 KB 30ms
30ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231120053512071_300x250_LOOK-01.png

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19915b1a8769701f789e431bd814f1ab4e40280c6f3876d5e54fb52e8c1addb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 09:41:38 GMT
x-content-type-options: nosniff
age: 27571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26026
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 13:35:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 09:41:38 GMT

GET
H3 200 60005582_20230413243008511_300x250_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 54C7 34 KB
34 KB 32ms
32ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230413243008511_300x250_LOOK-02.png

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f46bfd81485e775d3ba7208cd1de8eb706639b1aaa338f371676199625faa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 09:41:38 GMT
x-content-type-options: nosniff
age: 27571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34621
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 07:30:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 09:41:38 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 54C7 43 B
609 B 86ms
23ms Image
image/gif 141.101.90.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_PEF_HAV_14121_PV&mediacode=30943251_4307561_379894798_145340772_PO3001A20231121&ref=30943251_4307561_379894798_145340772_PO3001A20231121
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:21:09 GMT
via: 1.1 varnish-live-2-0
CF-Cache-Status: HIT
age: 1425211
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Mon, 16 Oct 2023 12:55:26 GMT
Server: cloudflare
etag: "2b-607d4eb83ab80"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 183737950
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 82dc86845cdf30f4-FRA
Expires: Thu, 28 Nov 2024 17:21:09 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 54C7 26 KB
26 KB 15ms
15ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Requested by

Host: uintacountyherald.com
URL: https://uintacountyherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=K1gyF9tilr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:16:38 GMT
x-content-type-options: nosniff
age: 271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 17:31:38 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 54C7 17 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 17:21:09 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame D1C2 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 15:18:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 60ms
60ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dafb55115d5e7d0cefaf8560477f6a340422c35c544ecbc15caa3dbec95a5fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12264
x-xss-protection: 0

GET
H2 200 tcx-ping.php Show response
japfg-trending-content.appspot.com/ 205 B
191 B 464ms
463ms Script
text/html 2a00:1450:4001:80b::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.appspot.com/tcx-ping.php?s=10236&t=&h=uintacountyherald.com&p=%2F&w=2&a=ldgr8--ldgr9&_debug=1
Requested by: Host: uintacountyherald.com
URL: https://uintacountyherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: d01e0ce8ebc980e3361c9a352d230fcbae74cd7b3c0d83e0676adf3754f0363b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:10 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 17:21:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3EF2 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 12:55:28 GMT
expires: Thu, 28 Nov 2024 12:55:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0338 829 B
560 B 23ms
22ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

29982d4c28264bef9581dfe1a3f682e2e4c0e39ce11ca1b658ca61eb9c7e869b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CioE56vu7uRKLY59A-_X9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CioE56vu7uRKLY59A-_X9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:21:10 GMT
expires: Wed, 29 Nov 2023 17:21:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 3EF2 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 15:18:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0338 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=3702595777090603&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3EF2 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4NKltQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
277 B 128ms
128ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=MaERqapKFzogwfyvUnuhPOIxeXLlIDws-FE7fPshldVrrKD4c033IF0jB-E03BPc9ga1rmPw==&pm_ct=fc1803a924c32ea6aaefc8ee&pm_pl=1701278467158&pm_td=3390&pid=1000177&en=1.1&callback=__pm_glbl_YQmXZVv3gLX4M8dIYkSop0kv._gc3&tt=opt&v=d54c666
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://uintacountyherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://uintacountyherald.com
Date: Wed, 29 Nov 2023 17:21:10 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FB2A 281 B
555 B 36ms
8ms Document
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0_trade_desk_33accross_intentiq/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Nov 2023 17:21:10 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FB2A 46 KB
13 KB 8ms
8ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d30ebe5017ee0a99c84556e36d105000a7352a72b16bdd457a813ff75197ce46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:21:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 04:26:38 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=39954
Connection: keep-alive
Content-Length: 13233
Expires: Thu, 30 Nov 2023 04:27:04 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame FB2A 7 B
380 B 36ms
9ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: aca6c52e983509e86b136a052e19be23
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=3702595777090603&bg=!VFelVxjNAAZxrfrxUa07ADQBe5WfOFLo9VEgfh_Qggk2g_1wt0zJYmdjuCjFOD2EOHNKD8OkBPVvOMH5FOzgDHcTv0JHAgAAADFSAAAAAmgBB5kCur72YdzS9o0dwlToyFJTqcME1i1EiNf05awPYQtiO6NV8PmP1FY1y77oWCrMEQXw-mcaf4O9TRJb33_frHyfxbfT8c9ua0WgIH8sFtO2KEtlh_i-EDHueBHEs_khuokTgvlbrVQnI3vE_hsSXMBnQdsEznvjH_G6HwFYIIiDmZzdsRq6DO6nVoY57RQrbMU_iKxLplrzlLq3mqE_12PvG7ERtgFioeS90IsxyPI2HMAcPAGK9Fwa21eV3idVOBF44i6uMeLVpXo9qLp8gHtM2vbT-CLDLICeb5l4WyyGQjTuavNyMFCwh4-N3y9-76ysV8ecPqxDNRRgWQlptNY45AFeATst8ixRPBVJpRG6RLQwi_cJbJVPAPM6ph1-r2BWOPS-0vuDoyBKMVNyKzJDNxAK_ad1fjNzjrdnu8fZgiw3T4XiJmRxMvazKvEgM-39JmiviEomexkCzIX_RHyGnjDoqGBhCgZaHyvcCXes-rT688toK1MUFVYFpSOq0480x_gQU3oczBTVmD_rJPv6v-3B1DaRWMLNP8UAkD6ESLGNNxuaXIg1YxLkccVxN6ydNi9zZpqiD6HkiI-jb-xEdNF5vggXu63bmTIKaAe_MBu0ZpZxB0ZRf35bgiQY1w1cQxKudO7r3YDu3vtdHzV9iAB3km86ZuXDnVr3zHKEovZ2zyNdg-3PJrRrpEXlWA9EtVT8X8c950T4mENS8NT0i-Ir0yhXtpEK0I52f88w3zD482tI7uHKccAZAg9_JZrOZuOEtnr3u1j1WmspvKPwhGJIxf96uGe3bRhQPzc-FGCeoF4WJ1JGzoVHRrfSvceKDBoH6UsWOBQUpT-ExB9VY6nuLTm3tvzkFyr8TNQ89VBpMa21c-gTl9bM8BFKtKKrvKjZY-w9INSFAAZJUe5o_kBKpEtdxtlCVysv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 476E 900 B
829 B 32ms
20ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a2966c6d80ba8aac43840c0709c66385dda8457f6258b2ce54e710fbf056e3cb

Request headers

Referer: https://uintacountyherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 511
content-type: text/html
date: Wed, 29 Nov 2023 17:21:11 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 24DF 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5986778155533&version=m202309260101&ct=77&x=1&cor=13114803937138008000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 476E 43 B
103 B 18ms
17ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:11 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 74dfb74a-5903-ac71-7295-a8c22d2d7e73
pr-bh.ybp.yahoo.com/sync/openx/ Frame 476E 43 B
604 B 114ms
36ms Image
image/gif 2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/74dfb74a-5903-ac71-7295-a8c22d2d7e73?gdpr=0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 476E 43 B
146 B 37ms
9ms Image
image/gif 35.157.195.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=openx
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.195.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-195-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 476E
Redirect Chain

https://creativecdn.com/cm-notify?pi=openx&gdpr=0
https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1
https://us-u.openx.net/w/1.0/sd?id=537073053&val=UV-ofHxJKtuIFl4SY7mn94bYh9EPNybGx58cc51cHYs&pi=openx&gdpr=0&tc=1

43 B
61 B

21ms
21ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073053&val=UV-ofHxJKtuIFl4SY7mn94bYh9EPNybGx58cc51cHYs&pi=openx&gdpr=0&tc=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:11 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073053&val=UV-ofHxJKtuIFl4SY7mn94bYh9EPNybGx58cc51cHYs&pi=openx&gdpr=0&tc=1
pragma: no-cache
date: Wed, 29 Nov 2023 17:21:11 GMT, Wed, 29 Nov 2023 17:21:11 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 476E
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=VtyhSVfap0lN3fEaA926GlHb8khN2KZJAtjmFyZi

43 B
61 B

21ms
21ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=VtyhSVfap0lN3fEaA926GlHb8khN2KZJAtjmFyZi
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:11 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=VtyhSVfap0lN3fEaA926GlHb8khN2KZJAtjmFyZi
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 476E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8179235396278252749

43 B
61 B

21ms
21ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8179235396278252749
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:11 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8179235396278252749
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 476E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b8cead73-d505-85c2-834c-3ca0ba4978da
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b8cead73-d505-85c2-834c-3ca0ba4978da&dcc=t

43 B
568 B

37ms
37ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b8cead73-d505-85c2-834c-3ca0ba4978da&dcc=t

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 17:21:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A65V8Z9FPJ28AYCCN4BQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 17:21:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0JTKHCP1059GTB8W0KEG
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b8cead73-d505-85c2-834c-3ca0ba4978da&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 476E 70 B
148 B 34ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=e018d10e-c9af-3e38-4342-be37d27ab33a&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:21:11 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 476E 170 B
188 B 24ms
23ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2M3NzAyYzQtMDBkOC02MDljLTU2YTItZTQ4ZTE4OTg3ZDVh

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 476E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENisnsw1b3FT2vD39YAijvQ&google_cver=1

43 B
61 B

20ms
20ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENisnsw1b3FT2vD39YAijvQ&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:11 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 17:21:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENisnsw1b3FT2vD39YAijvQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 03n83so79q240353r1o9nponn6r59orr-00002.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 421 KB
422 KB 16ms
15ms XHR
video/mp2t 108.138.36.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/03n83so79q240353r1o9nponn6r59orr-00002.ts
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.27.3/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6f03b3ae21992a687ba2df27cab37d3af78bb159229f179eabad9936b900800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uintacountyherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:14:57 GMT
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 3976
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 430708
last-modified: Wed, 29 Nov 2023 15:22:31 GMT
server: AmazonS3
etag: "db3d3c7190ef4779d7c4dd391431f0db"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 8ESjepZrkSjhAecPN7fgg3wYhj0Jh8iblxufPGuWza3eluUwfVx1mA==

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
uintacountyherald.com/	1970-01-20 16:34:45	Name: XSRF-TOKEN Value: eyJpdiI6Im96U1FrR0ZsdHZsS2dYcVJkNGRkWkE9PSIsInZhbHVlIjoicFU0azNoU01NRVpHNUNscHArQXQ3Sk8wVytUMlMrMzBIenZKbVwvNWlwcGRHQTZSZ01nTkZJY3E3Z0pXN1FzN3h6a2dlT0JGcG9SZm5HY29veTIyZWFBPT0iLCJtYWMiOiJiNzBkYjg5ODA2MzkzNWZmODU5YzIwYWE4NTQ4MzMwYTAzNDBmNTFmY2Y1NGM4YmQ0NjZjY2VkODg5N2M5MTJiIn0%3D
uintacountyherald.com/	1970-01-20 16:34:45	Name: laravel_session Value: eyJpdiI6InI1emVuUUJab0pqTURlUDJCU2RWdFE9PSIsInZhbHVlIjoibFI2TFM1Rk1IKzlmN3ppVitwbmk3azdzaFlQK29sUWNlZkNVMDhXMnZXdVZVRWpXQmNwSjIyYzJjNlwvQ1NwXC9sZXp4UnpxeEJNWjhxaWxlWjVoeEpqdz09IiwibWFjIjoiMzE4YWQwMWE2OGNiMWQ5M2FkMDEyOGFkYjdmN2FhOGRiYjMyOTMyNWYxYjM0NGMwOGIwODRjMTViOWQyYzQ2ZCJ9
uintacountyherald.com/	1970-01-21 01:20:14	Name: flipp-uid Value: 281becb1-ed6c-4baa-a1c6-d049dd4a1fd3
uintacountyherald.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 02596218-eb03-4335-90ad-15e62b515b34
.uintacountyherald.com/	1970-01-21 02:10:38	Name: _ga Value: GA1.2.53284522.1701278466
.uintacountyherald.com/	1970-01-20 16:36:04	Name: _gid Value: GA1.2.150116193.1701278467
.uintacountyherald.com/	1970-01-20 16:34:38	Name: _gat Value: 1
uintacountyherald.com/	1970-01-20 17:17:50	Name: _pbjs_userid_consent_data Value: 3524755945110770
.uintacountyherald.com/	1970-01-21 02:10:38	Name: _ga_J19JFGRKPN Value: GS1.2.1701278466.1.0.1701278466.60.0.0
.p.flipp.com/	1970-01-21 02:10:38	Name: gid Value: "8+21ZgACd2VKPfU5BE4aKw=="
.uintacountyherald.com/	1970-01-21 01:56:14	Name: __gads Value: ID=82d0607d8e9b2da6:T=1701278466:RT=1701278466:S=ALNI_Mb2BLmLIV7mtbUTn6oSSe-bewF3hQ
.uintacountyherald.com/	1970-01-21 01:56:14	Name: __gpi Value: UID=00000cfd2ababe2d:T=1701278466:RT=1701278466:S=ALNI_MZgf8Sh_3vgHTDVho1m1ctoERkIPw
.uintacountyherald.com/	1970-01-20 16:34:40	Name: _hjFirstSeen Value: 1
.uintacountyherald.com/	1970-01-20 16:34:40	Name: _hjIncludedInSessionSample_467830 Value: 1
.uintacountyherald.com/	1970-01-20 16:34:40	Name: _hjSession_467830 Value: eyJpZCI6ImUzOWY3NThiLTRhM2EtNGFkYy04NTA4LTEzNTk0ZDY3YWYzNCIsImNyZWF0ZWQiOjE3MDEyNzg0NjY5OTIsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0=
.uintacountyherald.com/	1970-01-21 01:20:14	Name: _hjSessionUser_467830 Value: eyJpZCI6IjcyOTdkOGU1LWQ1M2QtNTcxNi1iZDIxLTM5OGZhODlkNzFhMCIsImNyZWF0ZWQiOjE3MDEyNzg0NjY5OTEsImV4aXN0aW5nIjp0cnVlfQ==
.uintacountyherald.com/	1970-01-20 16:34:40	Name: _hjAbsoluteSessionInProgress Value: 0
.bing.com/	1970-01-21 01:56:14	Name: MUID Value: 144A8BAF187C6F6D0EE2987719BC6E1A
.doubleclick.net/	1970-01-21 01:56:14	Name: IDE Value: AHWqTUk58c7G5ZZof9PwGSu5benqB7V5R5aM0Q3OnONfaUW_N_KzjTI8ax75ygwu
.adnxs.com/	1970-01-20 18:44:14	Name: uuid2 Value: 9023112776428411621
.casalemedia.com/	1970-01-21 01:20:14	Name: CMID Value: ZWdzA7WnK5eqQKjLHFBrpAAA
.casalemedia.com/	1970-01-20 18:44:14	Name: CMPS Value: 1193
.casalemedia.com/	1970-01-20 18:44:14	Name: CMPRO Value: 1193
.doubleclick.net/	1970-01-20 20:53:50	Name: APC Value: AfxxVi5IoyOOUth9cz4kZ2QP6uMF86tL8d2WgjpbUcP3IIPpATlESA
uintacountyherald.com/	1970-01-20 16:36:04	Name: pmtimesig Value: [[1701278467218,0]]
.doubleclick.net/	1970-01-20 17:17:50	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 18:44:14	Name: 8lcfmzhxc8d6_uid Value: c7d4478700f7e5fd
.lijit.com/	1970-01-21 01:20:14	Name: ljt_reader Value: HvQRqBZHOaGSFC6KTxGhf3DF
.openx.net/	1970-01-21 01:20:14	Name: i Value: 33b4ee57-6028-01cf-1994-76dfb65d80c7\|1701278467
.awin1.com/	1970-01-20 16:44:43	Name: awpv11601 Value: 113440\|1701278467\|aee0bc90-8edb-11ee-85f5-22347f548c7f
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.office-partner.de/	1970-01-21 02:10:38	Name: source Value: {"webgains_webgains":{"timestamp":1701278467842,"clickCookie":false}}
.go.sonobi.com/	1970-01-20 17:17:50	Name: __uis Value: ff953924-7209-4875-80b6-d123f4dcbb30
.go.sonobi.com/	1970-01-20 16:36:04	Name: _usd_uintacountyherald.com Value: 05fc41e7-8210-456e-9cae-a9819218777e
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86203\|ZWdzB
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: sldlrjz2yzmsoajfmxskbhgp
pb.media01.eu/	1970-01-21 02:10:38	Name: DTU Value: 7441B9631FE241EA5ADF7A8A77C49106
uintacountyherald.com/	1970-01-20 16:36:04	Name: _hjShownFeedbackMessage Value: true
pixel.rubiconproject.com/	1970-01-20 18:44:14	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 17:17:50	Name: C Value: 1
.simpli.fi/	1970-01-21 01:21:40	Name: suid Value: F2E3F4819D6C4C429C723DE71EA201A0
.adnxs.com/	1970-01-20 18:44:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaRFs2!A#F8(<j<dINiYhTyXnfi8FW/7oc10lx`y9gNQ_%aH2_(k25'8g]E/xl#g.t(j#iP(Md+>)fy)hkgKH-
.adform.net/	1970-01-20 18:01:02	Name: uid Value: 8179235396278252749
.openx.net/	1970-01-20 16:56:14	Name: pd Value: v2\|1701278471\|mOgesLwkgqn0vNvQiygu
.creativecdn.com/	1970-01-21 01:20:14	Name: u Value: 7wxsI3U9z74dsKhx40D0
.creativecdn.com/	1970-01-21 01:20:14	Name: g Value: 7wxsI3U9z74dsKhx40D0_1701278471317
.creativecdn.com/	1970-01-21 01:20:14	Name: ts Value: 1701278471
.quantserve.com/	1970-01-20 18:44:14	Name: d Value: EOUBDAHFKoqsMA
.quantserve.com/	1970-01-21 02:04:52	Name: mc Value: 65677307-4fdc4-d12e6-117b1
.yahoo.com/	1970-01-21 01:20:36	Name: A3 Value: d=AQABBAdzZ2UCEHt-atNL7BuPnCjUxT3P93QFEgEBAQHEaGVxZQAAAAAA_eMAAA&S=AQAAAoHXY3ESemFB7ZTR3Z9O-kI

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://uintacountyherald.com/(Line 364) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=8311453;place=0;rnd=8311453;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://uintacountyherald.com/(Line 364) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=8311453;place=0;rnd=8311453;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=8311453;place=0;rnd=8311453;click=CLICK_MACRO_PLACEHOLDER(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://embed.sendtonews.com/player2/embedcode.php?fk=Be6nXXXs&cid=12385&SIZE=400&floatwidth=400, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=517063;type=js;sw=1600;sh=1200;spr=1;kw=home;pid=8311453;place=0;rnd=8311453;click=CLICK_MACRO_PLACEHOLDER(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://embed.sendtonews.com/player2/embedcode.php?fk=Be6nXXXs&cid=12385&SIZE=400&floatwidth=400, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://idsync.rlcdn.com/712559.gif?partner_uid=281becb1-ed6c-4baa-a1c6-d049dd4a1fd3 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=uintacountyherald.com Message: Failed to load resource: the server responded with a status of 403 ()
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: Failed to create WebGPU Context Provider

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

31849517590f28ae5aac928d471d289a.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a.ad.gt
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.doubleclick.net
ads.empowerlocal.co
ads.pubmatic.com
adsdk.microsoft.com
adservice.google.com
adv.office-partner.de
ams3-ib.adnxs.com
analytics.webgains.io
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
api.webgains.io
assets.revcontent.com
c.amazon-adsystem.com
c1.adform.net
cdn-gateflipp.flippback.com
cdn-ima.33across.com
cdn.adnxs.com
cdn.ads-flipp.com
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
config.aps.amazon-adsystem.com
creativecdn.com
csi.gstatic.com
d29xw9s9x32j3w.cloudfront.net
d2zqfs55y95cft.cloudfront.net
data.ad-score.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
embed.sendtonews.com
embedcdn.sendtonews.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900024.redintelligence.net
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.hadron.ad.gt
id.sv.rkdms.com
idsync.rlcdn.com
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
japfg-trending-content.appspot.com
japfg-trending-content.uc.r.appspot.com
js-sec.indexww.com
js.ad-score.com
justapinch-com-d.openx.net
lexicon.33across.com
lh3.googleusercontent.com
match.adsrvr.org
p.flipp.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.rubiconproject.com
player.sendtonews.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
pv.medialead.de
region1.analytics.google.com
resources.infolinks.com
router.infolinks.com
rtb.openx.net
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
script.hotjar.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
servedbyadbutler.com
ssum-sec.casalemedia.com
static.hotjar.com
stats.g.doubleclick.net
sync.teads.tv
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
trends.revcontent.com
uintacountyherald.com
um.simpli.fi
us-u.openx.net
www.americanhometownmedia.com
www.awin1.com
www.bing.com
www.civicscience.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.justapinch.com
www.uintacountyherald.com
x.bidswitch.net
yeet.revcontent.com
104.18.36.155
104.18.38.76
108.138.36.117
108.138.36.126
108.138.36.15
108.138.36.51
108.138.36.69
108.138.36.71
108.138.37.209
130.211.10.17
130.211.115.4
138.201.63.145
138.201.84.252
141.101.90.99
142.250.186.162
145.239.193.130
15.197.193.217
162.55.246.61
172.217.16.134
172.217.18.102
172.64.152.89
172.66.42.247
18.173.154.13
18.173.154.71
18.173.187.21
18.173.187.56
18.173.191.32
18.66.192.39
184.30.211.26
185.184.8.90
185.64.189.112
185.89.210.46
2001:4860:4802:34::36
2001:4860:4802:38::178
216.52.2.6
23.212.218.19
23.213.164.226
23.213.164.238
23.35.237.56
23.52.120.246
2600:9000:20c3:e800:f:c7b3:ce40:93a1
2600:9000:26db:2800:a:deb0:3380:93a1
2606:4700:10::6816:545
2606:4700:10::ac43:246e
2606:4700:3035::6815:3136
2606:4700:4400::ac40:90a6
2606:4700::6811:180e
2607:f8b0:4002:c05::5e
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:46::44
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2014
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2014
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9b
2a02:26f0:3500:1b::1724:a39c
2a02:fa8:8806:13::1400
2a04:4e42:200::649
2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe
2a0b:4d07:101::1
3.11.123.127
3.230.202.53
34.120.133.55
34.120.58.62
34.202.199.100
35.157.195.10
35.177.10.97
35.204.158.49
35.227.252.103
35.244.159.8
35.244.174.68
35.244.193.51
37.157.2.228
37.252.171.52
44.193.179.92
46.228.174.115
51.81.49.106
52.59.93.26
52.94.222.140
54.76.85.248
69.166.1.64
69.173.144.137
69.173.144.139
69.173.144.165
88.198.250.30
99.84.88.101
99.84.88.15
99.84.88.85
99.84.88.88
0077dda9560e1ff3171a016d7390330796612e54619094f5bafe6b5314e2eb8f
01f01b1e21685ff7d3205f6ab09c5f17880f5cebae153984ed37e924655b26f0
02dca805f8fb8debf67e38ddbe20bcbebd676cc6a885b6c436b5ddc732b7dd28
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058330e592e9d931835d1d504b3fd862db0fbac26115cf1e72140ed35a2c9b49
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
05c7ba81186b0be4238e6e39757350bcc41918c51858cb167d6112f6a3b7510e
06827a14761ece907961a2dedebe66ddaa89a18f875b94db92c4f2acf5b7f6aa
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a2877d35b782162338bb95faedfa08559e23788db9d926e97da4d0efd2dbfc5
0a716a3825c2565fd8c575ab7904583e07df6bfb87526ccc14483a1b0ed40e46
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e02c4a956dc46b4bc418a55615b54c3c0e00a7b4aa7c213b76b80cc51cd66e5
0ff5bc4080805d1b92cd893311a3109e7eba4494af0aad0e9c3fd79f25d974a6
107121045a7853e68204b1a3d59ff54da0161a5e601fbb7977e964f4c9105031
107d6e9c431b9f2b21dc2686a1a8572dc38dca56c0846d9e68494c497c9c74f2
158d04ce5ee0af87dac8a355cb0694b8f448c9c60a0ab83e244d2002d4c8dd30
15a308b620c828610e4116027af3219be81fe3387a3cc93c0b48f30ad6c17341
15d2c9891ee435671284903c294405bada28295772a2e013e31f20cbe4242078
1718a500d475a7d43e60f5b0ae7da117ef7dae7b51b1d58c8187d3ccb7561469
1856d9b5b6bab37b309b28fe14f3de828d2997daa7e80b31da276ff234c3a8f6
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
19915b1a8769701f789e431bd814f1ab4e40280c6f3876d5e54fb52e8c1addb3
19f017b060eef42c6c184a49c2293ba61282cf67189da8025a13dd7dd680e588
1c7a64ef7927a72ad708b7e637fe15660ce2886926662417cc58cc7b1d4fc9d2
1da668b550eefcd79d33e6ed0d2d95bdff861c0a27cb966283a9896135c25a25
217c07738e2ac97de6d407dbc3e3f7f7c6d30bbf379cc9d064bec8cffc4e4ed2
228b3251f30d87c5d22b501e01b21a335a8e3d9966dff24f94b3d5a916b1df23
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2346547ad9ad5c7aba3d07a14b771a7dc389f3132be2357b88a26fc27ead4784
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29982d4c28264bef9581dfe1a3f682e2e4c0e39ce11ca1b658ca61eb9c7e869b
2c8388e50e961fa519d4cdbe6af42a00478c3c81bccc9d579256d585bab19bb2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3161b8dd446b19dd1284a1a705c4e5fbff69fb5c1bf854113690dd14b1c8c2df
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a1aa51d90102291805779bbb81389ae44c8f9b2666ab6f088a966c8c8186d99
3ad9460bba5e6421edd709753d9d1aced917ab199d3d76efb58af8288fcca575
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c382a102b578769791a39026e84cf0b3a819b34331d27018e301e87ab37bc13
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4ca3497bc008424dd5c502841f5c3c0aee4bf2452b502defbdc94f60da95e975
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa801dedeab49955dd5f76ca45f223e486d27ad782c5959e002c1fe6150eaec
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
523a9533f11df3058a5b0b01a77e91f3e6ad122daa14d874082fa906aaabe484
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a4a1b07c4425b6a01fd2b85dc1eabb5d49ac221329d77ff17e64c74e6cbdd5
54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fcc36756ba70a18a2ec4c371d723ffbf4a24ec94eed3013566b775911caff6
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5862220784f844113ad16eedf12743d614552bace6a760c4a1e4e457b952d9db
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5931aada101730e169beb9b417f0156f5e4a58af804813543ee4537ae3c194b6
5d827fff167e3e0dd80812592a22621df80fda7610a0ed3a07ca49f94abe41e3
5db6ba4765f1c66bd5f451cdfad18c7d12a5fb2615b9d561a20b63b39e098cfd
5f7a6e6a2338db74b1a1ebba51aac8e37d1f0e78af0f133d30499a9bc57d810c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60b087588e66eede2b1f17175da45ac5685e9f6c11a9b20824c251a813e6f55f
60f46bfd81485e775d3ba7208cd1de8eb706639b1aaa338f371676199625faa7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
643f8a16ac220c37763778f80d240d23842c3116d46b587d002496cc6feec1ab
67a0efe7750de1fd405c1e45e4d372df8edae60331f8f91a348ffb615811fa59
6834f1f3876aa5073adb8bd925cfbc860807fa618ffd7e833fae210526cae001
6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a
68947e9ddb590b11f6c1250e1080ff031fb91fddae5b9d41eb307a20ae306e64
69848d17f84889ee20b38a8ec02d1f7502ed0b3ae5352b9533a4cefd6bbe11d4
69b5b96cf9c3ea4f1abfbce7dd1371b24b8a067868084b248b1cd6c5f5d6a4be
6a1b6deeb6d9b1d9947bba08a3f95710af6044247b36eff3cf22d8700838343b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6d59be64a04beed93e3eebbe6cc1bc2be05e6f03e726c59b17264735069549c8
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
703b6590a492ed5252e8a6fcbb5c2eddef1b5464af3282391b7e42317f6980fb
71ec08c379d02f2dc289738042a2b7842b8a3f35a90747497a337326075715ae
72311de052bfd96ef38559c81b625ca11bd5d4cc47a927c326b95aedad11aa1e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e
77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f2d7405f0f4b893d5a21f2bf5607318c2942e8cee5922e05a00b79147dfa3b2
7f4595c0922ca80c69791bc2c3b887d15679c02c4e3ba2ca67747aa5ee50bac8
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
829731dcdf08025f3d898c8c3a68acb42b0496dcdd8fc61f85ec5dbbf6a69b02
830d898d934130a45af1c5cb362bacc74be0edff8ada096b4df52dcc89e9a7d4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
8bc094e254d80f5e99646cb1cd1954f66f859bce2cb0395d42500250a17cec7e
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
906d4f1183f60b318cf13b7027aa65a6c37a471038c1667f186b5c09d169165c
90d39658bacdcd452abb1e57316d82ec1623136616c27fe26499bd76ace04e14
90e8f883ccce42b125beabcd398d15313d6b72ca5d069adfb11776f1f057f13d
9244ce685f7367277cff6725c89f999cc8c6e6f53a9b0d4334912f222d351301
9470010730b754d8563690539a873235785bfd53e4af5cd93e0b08567d76c45e
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
962bbcc401128785f742b72e8242b131004d431bac63ba3adf2cb2e998202dc0
9685a4d85c81e047f2081c57b9030e743390862426250881c5bc02298adaed07
96b873bb250a784b5cf5b82ebd67a1faa3e95932baaba39c43eb8de33618e3ab
977f1afcfa3cca65301bdd18357f8a34ed8a5d119480930ad6c3dbe76062cd95
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98ad025da55f90c2d3a40af4b85ba698aafe1f5ba257f4805eeb400ce35d2484
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b11ad05fc3967e29cb58c43ef9713a8cc382607f3782c40499c44e80ee6e4d6
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9e942df204042f9b6bf4da48d0790822f58315cc0818297997174c13b8bf8916
9f52ed32d6b3e2f23b1bcc7703d257a9b015a9d5c2471757a3371b010786ca45
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2966c6d80ba8aac43840c0709c66385dda8457f6258b2ce54e710fbf056e3cb
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a3b65ede8aa80d69086ebfc2ba95190db553d3c3c2dea16d2680f3e38139cf69
a4de1e27f83eb7660e650f61a7b3cae568fff6554aabf2ece6acaaa943814bbb
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a8ba06958297f0be9558ceb69e9af6a47ac8d5130f49e92bc29db08c9403dffd
ac71735f39c340f7bcc05497dc26ffadb3ac700a3aa990d71da86ca182464903
ac7916d27c5f00a80e03d15cc7ea44956ff5633a0c4fb27862d7721f1a8de9c0
ad0009e2696733505c26c03ccc176485c9b1869e8b8858eb2871237140562971
ae2557724830f95907a8313966db803e18f041d706e1fe5a6bb408d901642d87
ae5b80e9d3981cd2c220de12b4a9d96d6897e0021f930fb7bbe2b1178af23d6d
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b3793f1f30ddbc4854cafbf2b9bc37f21c9e6e16b5b87c5607c9f20f9bd77d
b397301548e851bfb0571856c5e4b188e196ded50d53303e57ae85d206778f0e
b41eaede202328cb31b62ef15ba289d329227d8c8c30531e5414249b9de2015c
b6f03b3ae21992a687ba2df27cab37d3af78bb159229f179eabad9936b900800
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
b8e26b433613fc5167d5dabf7fb0d72514e575cbcebc0078e2cc58dc29b7b4e2
ba005884302c65983e86c49afd2e6bf0d3ca60166c861ee2888d716ceed13e02
bb0f736d0d23ef584314ede0fda44f4a1dd74407a24f0041c9523e657d22d008
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bc9227007193b0a837a770d50ec3024ab991ee740cb694c139e35bee4ff0be1e
beaccc653c47d03c7afbc10a2ae03f6daeb78e15094aa18067533d2d4b4a3bf2
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c063693d624db0edfc01cd250407f03a28978827eb522a63a9bd9a81de1d43fe
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6c4f56e8a836304ae006c04332d8c384c6ff201c160cb5a9b89336d02392df9
c8d717c76b14aad6c4fd6c99b7fe803e15a53537cba081a433c8e94b0ac74ce5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cbf112e7f6c6ce27de3f10dc88b8ff53f44c4df23ec42225eace10786cbf99d9
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d01e0ce8ebc980e3361c9a352d230fcbae74cd7b3c0d83e0676adf3754f0363b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d17cd1b0750b9aca5b829de55c1825856c83c5a39308ba68f5a8f2a107836d02
d1a2da045d78c4ed73d71581e1607e7ea958d598ff919dfb7fb72d53fb18b43e
d206510a4f660aaa9f13e6c49612cf0373b7f99bedc62d276a1150e6ff7513a9
d30ebe5017ee0a99c84556e36d105000a7352a72b16bdd457a813ff75197ce46
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d5b91b74c3adc2d12f3ca42eeb69a8c59adac9f59e9fdf30d62504d1be9835f7
d7133c07da0d7df5ae3d5fe3ff8a67982a5af918e7ec147af765f1ba7e14b641
d913144f69807246e27404060909e5ee9cf740eead3adf1db3a6d1bb1805e03d
da1b94b16cc73ab273a2c57777f6023480e0c24e607e48233a47ca6ecaa2d058
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dafb55115d5e7d0cefaf8560477f6a340422c35c544ecbc15caa3dbec95a5fec
dd5ecb6c1299f05c9b6f44225275198c2aa45956538fc21a86593bba0bf3986d
ddc584d44835ba7b534f2dded52f56d104cb8d8951faed6fde802e4121b970dd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40a8b2a2714716ecf2920b76b66a999b525844a13239c8bc8764c3656b3e5cd
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e86016be4caf9bb99fc3944097ecacedbb139ff2f8421d9c74dc56cc3e3f1c27
e8794756b493b60c2a9881aad87e666cc00f24398ff0d075d31ad2a771b876bc
eb369005de05fb33b88404fd5d022a6f808e8fd01de9dce04c18f09a9c272c95
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ece864356b2a5fcc81af5663854530d87ebcb622acea8cc5a95bd7a64449ed3a
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef0e671e922fc0fe31a2c3482e697f3c1d08450cc95a391452adebefc1e791ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4590b347c3fdbcd8a26880f4d71fade63e04dbe8d650925ceb5f71f61726ac1
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f582d452c8d91509d4fb0b3408b4f42b913dae4b0cbe3196ee076940c0d15739
f58e6745de6de51a1ed7252fc74c7a0d13a570034fd45e12336f0c40b0ebdb1e
f7146ec48f5f79a5b5a9788163ed38dada4ce3e102c07118dd94dab86dc0fb46
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
fad08488ab9bdf68897a3a6eeb699584c94d259cf814b1f81a330964852f0274
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc4508ce72fb8c96bb9d5baee833c2c1fe358c525527a85e36a0f03bcb3a16b9
fce1a98db0531c27cfef47e2bfff90b511ad1a946d72d9eb92f125d256d7227d
fd8e6d26ae464a400f3c77955c4d426cec2d159f514c30ff72f9155f6e606a15
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fecad8e87224d77c1c5df9ede853ccae7d4be0801328b372c2c900ad8a71fa93
ff031a7c21194a138ccdc0089b95dbc769915e0986f21509d207772460f05af9

uintacountyherald.com Open in urlscan Pro 2606:4700:3035::6815:3136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

362 Requests

92 %HTTPS

34 %IPv6

69 Domains

113 Subdomains

98 IPs

11 Countries

17338 kBTransfer

25648 kBSize

50 Cookies

12 Outgoing links

Page URL History

Redirected requests

362 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

uintacountyherald.com Open in urlscan Pro
2606:4700:3035::6815:3136 Public Scan

Screenshot
Live screenshot

Full Image

362
Requests

92 %
HTTPS

34 %
IPv6

69
Domains

113
Subdomains

98
IPs

11
Countries

17338 kB
Transfer

25648 kB
Size

50
Cookies

362 HTTP transactions
5 data transactions