urlscan.io logo urlscan.io
SecurityTrails logo

www.sltrib.com Open in urlscan Pro
2.16.186.138  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.sltrib.com/
Submission: On February 28 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 127 IPs in 10 countries across 96 domains to perform 566 HTTP transactions. The main IP is 2.16.186.138, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.sltrib.com.
TLS certificate: Issued by R3 on January 22nd 2021. Valid for: 3 months.
This is the only time www.sltrib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
51 2.16.186.138 20940 (AKAMAI-ASN1)
1 143.204.94.161 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 69.16.220.201 32244 (LIQUIDWEB)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
12 56 172.217.18.98 15169 (GOOGLE)
2 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
7 151.101.113.194 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.18.102 15169 (GOOGLE)
1 3 172.217.16.134 15169 (GOOGLE)
1 199.232.136.157 54113 (FASTLY)
3 107.23.67.161 14618 (AMAZON-AES)
2 2600:9000:21f... 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
14 13.224.192.34 16509 (AMAZON-02)
1 1 151.101.14.137 54113 (FASTLY)
2 151.101.114.137 54113 (FASTLY)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 13 2.18.234.21 16625 (AKAMAI-AS)
3 6 66.155.71.25 13768 (COGECO-PEER1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 13.32.24.112 16509 (AMAZON-02)
1 65.9.58.124 16509 (AMAZON-02)
1 1 216.152.140.212 13768 (COGECO-PEER1)
1 66.155.71.189 13768 (COGECO-PEER1)
1 104.244.42.133 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.195 13414 (TWITTER)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
2 34.120.207.148 15169 (GOOGLE)
2 7 54.74.225.211 16509 (AMAZON-02)
1 34.251.61.210 16509 (AMAZON-02)
1 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.63.12.147 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 68 2a00:1450:400... 15169 (GOOGLE)
5 30 35.244.159.8 15169 (GOOGLE)
5 69.173.144.141 26667 (RUBICONPR...)
9 18 185.33.221.14 29990 (ASN-APPNEX)
5 104.111.215.135 16625 (AKAMAI-AS)
4 178.250.2.131 44788 (ASN-CRITE...)
2 198.148.27.134 19189 (PULSEPOINT)
3 2a00:1288:110... 34010 (YAHOO-IRD)
6 6 18.159.187.109 16509 (AMAZON-02)
8 8 35.158.9.168 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
6 6 52.214.70.9 16509 (AMAZON-02)
4 4 185.29.132.144 30419 (MEDIAMATH...)
4 4 2620:116:800d... 16509 (AMAZON-02)
6 6 37.157.5.142 198622 (ADFORM)
7 2a00:1450:400... 15169 (GOOGLE)
2 104.215.88.166 8075 (MICROSOFT...)
1 1 51.255.68.171 16276 (OVH)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
26 3.130.148.110 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
7 18.217.204.33 16509 (AMAZON-02)
4 7 216.52.2.19 29791 (VOXEL-DOT...)
3 52.45.248.59 14618 (AMAZON-AES)
2 104.154.142.214 15169 (GOOGLE)
3 213.19.147.210 3356 (LEVEL3)
8 18.211.21.136 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.122.57.214 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
17 18.203.96.5 16509 (AMAZON-02)
5 151.101.194.137 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
1 13.224.194.170 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
3 54.158.142.157 14618 (AMAZON-AES)
1 52.200.180.114 14618 (AMAZON-AES)
1 2600:9000:211... 16509 (AMAZON-02)
2 193.122.130.38 31898 (ORACLE-BM...)
1 18.197.249.149 16509 (AMAZON-02)
2 104.16.68.69 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2 52.215.241.211 16509 (AMAZON-02)
4 136.144.59.88 54825 (PACKET)
1 18.196.104.43 16509 (AMAZON-02)
1 178.162.133.150 60781 (LEASEWEB-...)
2 192.96.200.41 30633 (LEASEWEB-...)
1 2600:9000:211... 16509 (AMAZON-02)
1 18.193.58.245 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 5 35.186.253.211 15169 (GOOGLE)
1 4 69.173.144.139 26667 (RUBICONPR...)
1 1 52.59.46.254 16509 (AMAZON-02)
4 4 213.19.147.150 3356 (LEVEL3)
1 1 185.86.137.107 201081 (SMARTADSE...)
4 4 18.195.155.181 16509 (AMAZON-02)
2 178.162.133.149 60781 (LEASEWEB-...)
1 54.36.109.22 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 104.17.120.107 13335 (CLOUDFLAR...)
1 152.199.22.191 15133 (EDGECAST)
2 104.108.50.124 16625 (AKAMAI-AS)
1 67.202.110.22 32748 (STEADFAST)
2 2.18.233.180 16625 (AKAMAI-AS)
1 151.101.13.108 54113 (FASTLY)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 2 52.94.232.32 16509 (AMAZON-02)
1 2 108.128.151.98 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 2 52.48.248.240 16509 (AMAZON-02)
1 51.178.20.139 16276 (OVH)
1 178.250.0.163 44788 (ASN-CRITE...)
2 2 213.155.156.183 1299 (TELIANET ...)
1 22 185.64.190.80 62713 (AS-PUBMATIC)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 87.98.228.78 16276 (OVH)
1 173.231.181.122 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 2 151.101.13.44 54113 (FASTLY)
1 2 35.227.248.159 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 169.50.137.190 36351 (SOFTLAYER)
2 2 3.126.56.137 16509 (AMAZON-02)
1 185.64.189.114 62713 (AS-PUBMATIC)
2 2 52.50.99.220 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
2 2 151.101.114.49 54113 (FASTLY)
1 1 66.155.71.149 13768 (COGECO-PEER1)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 185.33.221.52 29990 (ASN-APPNEX)
1 185.64.190.81 62713 (AS-PUBMATIC)
566 127
51    2.16.186.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-138.deploy.static.akamaitechnologies.com
www.sltrib.com
1    143.204.94.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-161.fra50.r.cloudfront.net
js.adsrvr.org
1    2a02:26f0:6c00:287::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
1    69.16.220.201 (United States)

ASN32244 (LIQUIDWEB, US)
local.sltrib.com
1    2a02:26f0:6c00:19a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
56    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
2    2600:9000:206f:5400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2600:9000:2156:4000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
7    151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
includemodal.global.ssl.fastly.net
confiant-integrations.global.ssl.fastly.net
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net
8208269.fls.doubleclick.net
3    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
8234312.fls.doubleclick.net
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    107.23.67.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-67-161.compute-1.amazonaws.com
ping.chartbeat.net
2    2600:9000:21f3:7e00:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)
d2s8wlbatk24s7.cloudfront.net
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
14    13.224.192.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-34.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    151.101.14.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cd.connatix.com
2    151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cds.connatix.com
1    2606:4700:e2::ac40:8a06 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
3    2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
6    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-a.basis.net
pixel.sitescout.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.32.24.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-112.fra56.r.cloudfront.net
cdn.p-n.io
1    65.9.58.124 (United States)

ASN16509 (AMAZON-02, US)
public.profitwell.com
1    216.152.140.212 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
clickserv.basis.net
1    66.155.71.189 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
clickserv.sitescout.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
24    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.dk
www.googletagservices.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a02:26f0:6c00:2bd::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
api.rlcdn.com
7    54.74.225.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    34.251.61.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
insight.adsrvr.org
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.63.12.147 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de715.cxense.com
scomcluster.cxense.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
19    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
68    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
30    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
sltrib-d.openx.net
eu-u.openx.net
us-u.openx.net
os4m-d.openx.net
insticator-d.openx.net
5    69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
18    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
5    104.111.215.135 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    198.148.27.134 (New York, United States)

ASN19189 (PULSEPOINT, US)
bid.contextweb.com
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
6    18.159.187.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
8    35.158.9.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
6    52.214.70.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
4    185.29.132.144 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
6    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
7    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.dk
googleads.g.doubleclick.net
adservice.google.de
2    104.215.88.166 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ads3.mthsense.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
dsp.nrich.ai
15    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:813::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
26    3.130.148.110 (Columbus, United States)

ASN16509 (AMAZON-02, US)
includemodal.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    18.217.204.33 (United States)

ASN16509 (AMAZON-02, US)
capi.connatix.com
7    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
3    52.45.248.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ssc.33across.com
2    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
lockerdome.com
3    213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
8    18.211.21.136 (United States)

ASN14618 (AMAZON-AES, US)
x.yieldlift.com
1    2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)
id.sltrib.com
1    3.122.57.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
btlr.sharethrough.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
17    18.203.96.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
s.srvsynd.com
5    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
vid.connatix.com
img.connatix.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
aef5dbe965e8814201292128fa45d2a2.safeframe.googlesyndication.com
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
1    2600:9000:211e:4c00:5:ee0e:9e80:21 (United States)

ASN16509 (AMAZON-02, US)
d3oi8laqsvc6ey.cloudfront.net
1    13.224.194.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-170.fra2.r.cloudfront.net
d2na2p72vtqyok.cloudfront.net
1    2607:f8b0:4002:c03::78 (Atlanta, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2600:9000:21f3:de00:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
3    54.158.142.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
geoip.insticator.com
event.insticator.com
1    52.200.180.114 (United States)

ASN14618 (AMAZON-AES, US)
b2c.insticator.com
1    2600:9000:211e:d000:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
2    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
prebid.technoratimedia.com
1    18.197.249.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
2    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    52.215.241.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
g2.gumgum.com
rtb.gumgum.com
4    136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
hb.emxdgt.com
1    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    192.96.200.41 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
sync.aralego.com
1    2600:9000:211e:9e00:1a:5302:20c0:21 (United States)

ASN16509 (AMAZON-02, US)
dh014lg6uwepv.cloudfront.net
1    18.193.58.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
protected-by.clarium.io
2    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    52.59.46.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.360yield.com
4    213.19.147.150 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
2    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    54.36.109.22 (France)

ASN16276 (OVH, FR)
PTR: p09.id5-sync.com
id5-sync.com
1    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
2    104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    67.202.110.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-110.static.steadfastdns.net
ssc-cms.33across.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    108.128.151.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-151-98.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: proxy0393.eu3.dynfactory.com
gu.dyntrk.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.183 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
22    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    87.98.228.78 (Spain)

ASN16276 (OVH, FR)
green.erne.co
1    173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    52.50.99.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
96 googlesyndication.com
pagead2.googlesyndication.com
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
tpc.googlesyndication.com
a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
aef5dbe965e8814201292128fa45d2a2.safeframe.googlesyndication.com
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
734 KB
66 doubleclick.net
securepubads.g.doubleclick.net
8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
597 KB
53 sltrib.com
www.sltrib.com
local.sltrib.com
id.sltrib.com
1 MB
35 openx.net
sltrib-d.openx.net
eu-u.openx.net
us-u.openx.net
os4m-d.openx.net
insticator-d.openx.net
rtb.openx.net
9 KB
29 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
51 KB
26 includemodal.com
includemodal.com
5 KB
20 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
33 KB
18 google.com
adservice.google.com
www.google.com
2 KB
17 srvsynd.com
s.srvsynd.com
41 KB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn2.gstatic.com
csi.gstatic.com
283 KB
16 googletagservices.com
www.googletagservices.com
463 KB
16 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
71 KB
15 ampproject.org
cdn.ampproject.org
295 KB
15 casalemedia.com
htlb.casalemedia.com
as-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
11 KB
15 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
280 KB
11 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
19 KB
9 adsrvr.org
js.adsrvr.org
match.adsrvr.org
insight.adsrvr.org
5 KB
8 yieldlift.com
x.yieldlift.com
5 KB
8 bidswitch.net
x.bidswitch.net
3 KB
7 1rx.io
tag.1rx.io
sync.1rx.io
2 KB
7 lijit.com
ap.lijit.com
5 KB
7 cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d3oi8laqsvc6ey.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
200 KB
7 fastly.net
includemodal.global.ssl.fastly.net
confiant-integrations.global.ssl.fastly.net
145 KB
6 adform.net
c1.adform.net
2 KB
6 bidr.io
match.prod.bidr.io
3 KB
6 w55c.net
pm.w55c.net
4 KB
6 criteo.com
gum.criteo.com
bidder.criteo.com
dis.criteo.com
1010 B
6 google.de
adservice.google.de
www.google.de
2 KB
5 emxdgt.com
hb.emxdgt.com
cs.emxdgt.com
978 B
5 googleapis.com
fonts.googleapis.com
storage.googleapis.com
608 KB
5 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
3 KB
5 sitescout.com
pixel.sitescout.com
clickserv.sitescout.com
pixel-sync.sitescout.com
795 B
4 a-mo.net
prebid.a-mo.net
1 KB
4 insticator.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
3 KB
4 33across.com
ssc.33across.com
ssc-cms.33across.com
2 KB
4 quantserve.com
pixel.quantserve.com
2 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 basis.net
pixel-a.basis.net
clickserv.basis.net
269 B
3 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
2 KB
3 technoratimedia.com
prebid.technoratimedia.com
ad-cdn.technoratimedia.com
6 KB
3 contextweb.com
bid.contextweb.com
bh.contextweb.com
1 KB
3 cxense.com
cdn.cxense.com
scomcluster.cxense.com
33 KB
3 indexww.com
js-sec.indexww.com
46 KB
3 tinypass.com
experience.tinypass.com
cdn.tinypass.com
129 KB
3 chartbeat.net
ping.chartbeat.net
505 B
3 google-analytics.com
www.google-analytics.com
19 KB
3 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
24 KB
2 everesttech.net
sync-tm.everesttech.net
552 B
2 scoota.co
r.scoota.co
1 KB
2 fiftyt.com
visitor.fiftyt.com
992 B
2 semasio.net
uipglob.semasio.net
1 KB
2 tapad.com
pixel.tapad.com
616 B
2 taboola.com
trc.taboola.com
match.taboola.com
559 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 crwdcntrl.net
bcp.crwdcntrl.net
974 B
2 demdex.net
dpm.demdex.net
2 KB
2 dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
207 B
2 aralego.com
hb.aralego.com
sync.aralego.com
589 B
2 gumgum.com
g2.gumgum.com
rtb.gumgum.com
1 KB
2 districtm.io
dmx.districtm.io
cdn.districtm.io
425 B
2 360yield.com
ice.360yield.com
match.360yield.com
820 B
2 lockerdome.com
lockerdome.com
854 B
2 mthsense.com
ads3.mthsense.com
7 KB
2 google.dk
adservice.google.dk
2 KB
2 rlcdn.com
api.rlcdn.com
242 B
2 facebook.com
www.facebook.com
407 B
2 facebook.net
connect.facebook.net
93 KB
2 googletagmanager.com
www.googletagmanager.com
103 KB
2 go-mpulse.net
s.go-mpulse.net
c.go-mpulse.net
51 KB
1 playground.xyz
ads.playground.xyz
491 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 simpli.fi
um.simpli.fi
609 B
1 zeotap.com
mwzeom.zeotap.com
595 B
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
325 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 dyntrk.com
gu.dyntrk.com
215 B
1 rfihub.com
p.rfihub.com
741 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 aralego.net
cdn.aralego.net
1 KB
1 id5-sync.com
id5-sync.com
926 B
1 smartadserver.com
ssbsync.smartadserver.com
455 B
1 clarium.io
protected-by.clarium.io
345 B
1 sharethrough.com
btlr.sharethrough.com
113 B
1 nrich.ai
dsp.nrich.ai
486 B
1 mookie1.com
odr.mookie1.com
324 B
1 criteo.net
static.criteo.net
37 KB
1 twitter.com
analytics.twitter.com
387 B
1 t.co
t.co
449 B
1 profitwell.com
public.profitwell.com
15 KB
1 p-n.io
cdn.p-n.io
69 KB
1 npttech.com
www.npttech.com
3 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 osano.com
cmp.osano.com
98 KB
566 96
Domain Requested by
68 tpc.googlesyndication.com 2 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.sltrib.com
cdn.ampproject.org
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
confiant-integrations.global.ssl.fastly.net
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
51 www.sltrib.com www.sltrib.com
34 securepubads.g.doubleclick.net www.sltrib.com
securepubads.g.doubleclick.net
www.googletagservices.com
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
confiant-integrations.global.ssl.fastly.net
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
26 includemodal.com www.sltrib.com
22 cm.g.doubleclick.net 12 redirects eu-u.openx.net
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
19 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
18 ib.adnxs.com 9 redirects js-sec.indexww.com
storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
acdn.adnxs.com
17 s.srvsynd.com cd.connatix.com
s.srvsynd.com
16 www.googletagservices.com securepubads.g.doubleclick.net
www.sltrib.com
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
d3lcz8vpax4lo2.cloudfront.net
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
14 simage2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
14 eu-u.openx.net 3 redirects js-sec.indexww.com
eu-u.openx.net
df80k0z3fi8zg.cloudfront.net
14 c.amazon-adsystem.com www.sltrib.com
c.amazon-adsystem.com
d3lcz8vpax4lo2.cloudfront.net
11 www.google.com 3 redirects www.sltrib.com
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
9 us-u.openx.net eu-u.openx.net
8 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
8 x.yieldlift.com storage.googleapis.com
8 x.bidswitch.net 8 redirects
7 ap.lijit.com 4 redirects storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
7 capi.connatix.com cd.connatix.com
7 match.adsrvr.org 2 redirects js-sec.indexww.com
eu-u.openx.net
ssum-sec.casalemedia.com
7 adservice.google.com 8234312.fls.doubleclick.net
8208269.fls.doubleclick.net
securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
6 encrypted-tbn3.gstatic.com 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
6 c1.adform.net 6 redirects
6 match.prod.bidr.io 6 redirects
6 pm.w55c.net 6 redirects
5 rtb.openx.net 3 redirects
5 htlb.casalemedia.com js-sec.indexww.com
storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
5 fastlane.rubiconproject.com js-sec.indexww.com
storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
5 adservice.google.de 1 redirects adservice.google.com
securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
4 cs.emxdgt.com 4 redirects
4 sync.1rx.io 4 redirects
4 prebid.a-mo.net df80k0z3fi8zg.cloudfront.net
4 img.connatix.com
4 googleads.g.doubleclick.net 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
www.sltrib.com
4 fonts.gstatic.com fonts.googleapis.com
4 pixel.quantserve.com 4 redirects
4 sync.mathtag.com 4 redirects
4 bidder.criteo.com static.criteo.net
4 sltrib-d.openx.net 2 redirects
4 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 includemodal.global.ssl.fastly.net www.sltrib.com
securepubads.g.doubleclick.net
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 pixel.rubiconproject.com 1 redirects
3 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
3 www.gstatic.com 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
3 tag.1rx.io storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
3 ssc.33across.com storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
3 fonts.googleapis.com securepubads.g.doubleclick.net
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
3 pr-bh.ybp.yahoo.com eu-u.openx.net
ads.pubmatic.com
3 pixel.sitescout.com www.sltrib.com
8234312.fls.doubleclick.net
3 pixel-a.basis.net 3 redirects
3 js-sec.indexww.com www.googletagmanager.com
df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
3 ping.chartbeat.net www.sltrib.com
3 8234312.fls.doubleclick.net 1 redirects www.sltrib.com
adservice.google.com
3 www.google-analytics.com www.sltrib.com
www.googletagmanager.com
www.google-analytics.com
2 sync-tm.everesttech.net 2 redirects
2 r.scoota.co 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pixel.tapad.com 1 redirects image6.pubmatic.com
2 d5p.de17a.com 2 redirects
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ssum.casalemedia.com 2 redirects
2 ads.pubmatic.com df80k0z3fi8zg.cloudfront.net
ads.pubmatic.com
2 eus.rubiconproject.com df80k0z3fi8zg.cloudfront.net
eus.rubiconproject.com
2 sync.go.sonobi.com storage.googleapis.com
2 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com confiant-integrations.global.ssl.fastly.net
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 prebid.technoratimedia.com df80k0z3fi8zg.cloudfront.net
2 a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 encrypted-tbn2.gstatic.com 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
2 os4m-d.openx.net storage.googleapis.com
2 lockerdome.com storage.googleapis.com
2 storage.googleapis.com ads3.mthsense.com
2 ads3.mthsense.com securepubads.g.doubleclick.net
2 as-sec.casalemedia.com js-sec.indexww.com
2 bid.contextweb.com js-sec.indexww.com
2 adservice.google.dk securepubads.g.doubleclick.net
2 api.rlcdn.com js-sec.indexww.com
df80k0z3fi8zg.cloudfront.net
2 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
2 www.facebook.com www.sltrib.com
2 connect.facebook.net www.sltrib.com
connect.facebook.net
2 experience.tinypass.com www.sltrib.com
cdn.tinypass.com
2 cds.connatix.com www.sltrib.com
cd.connatix.com
2 d2s8wlbatk24s7.cloudfront.net includemodal.global.ssl.fastly.net
d3oi8laqsvc6ey.cloudfront.net
2 8208269.fls.doubleclick.net 1 redirects www.sltrib.com
2 www.googletagmanager.com www.sltrib.com
www.googletagmanager.com
2 static.chartbeat.com www.sltrib.com
1 simage4.pubmatic.com ads.pubmatic.com
1 rtb.gumgum.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel-sync.sitescout.com 1 redirects
1 ad.turn.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 trc.taboola.com 1 redirects
1 bh.contextweb.com 1 redirects
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 green.erne.co 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com image6.pubmatic.com
1 gu.dyntrk.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 image6.pubmatic.com ads.pubmatic.com
1 sync.aralego.com cdn.aralego.net
1 acdn.adnxs.com df80k0z3fi8zg.cloudfront.net
1 ssc-cms.33across.com df80k0z3fi8zg.cloudfront.net
1 ad-cdn.technoratimedia.com df80k0z3fi8zg.cloudfront.net
1 biddr.brealtime.com df80k0z3fi8zg.cloudfront.net
1 cdn.aralego.net df80k0z3fi8zg.cloudfront.net
1 cdn.districtm.io df80k0z3fi8zg.cloudfront.net
1 id5-sync.com df80k0z3fi8zg.cloudfront.net
1 ssbsync.smartadserver.com 1 redirects
1 match.360yield.com 1 redirects
1 dclk-match.dotomi.com 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
1 protected-by.clarium.io 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
1 dh014lg6uwepv.cloudfront.net www.sltrib.com
1 hb.aralego.com df80k0z3fi8zg.cloudfront.net
1 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
1 hb.emxdgt.com df80k0z3fi8zg.cloudfront.net
1 g2.gumgum.com df80k0z3fi8zg.cloudfront.net
1 hbopenbid.pubmatic.com df80k0z3fi8zg.cloudfront.net
1 dmx.districtm.io df80k0z3fi8zg.cloudfront.net
1 ice.360yield.com df80k0z3fi8zg.cloudfront.net
1 insticator-d.openx.net df80k0z3fi8zg.cloudfront.net
1 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
1 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 d3lcz8vpax4lo2.cloudfront.net d2na2p72vtqyok.cloudfront.net
1 csi.gstatic.com securepubads.g.doubleclick.net
1 d2na2p72vtqyok.cloudfront.net www.sltrib.com
1 d3oi8laqsvc6ey.cloudfront.net securepubads.g.doubleclick.net
1 aef5dbe965e8814201292128fa45d2a2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 vid.connatix.com cd.connatix.com
1 btlr.sharethrough.com storage.googleapis.com
1 id.sltrib.com cdn.tinypass.com
1 dsp.nrich.ai 1 redirects
1 odr.mookie1.com eu-u.openx.net
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 scomcluster.cxense.com
1 gum.criteo.com static.criteo.net
1 insight.adsrvr.org js.adsrvr.org
1 static.criteo.net js-sec.indexww.com
1 cdn.tinypass.com experience.tinypass.com
1 analytics.twitter.com static.ads-twitter.com
1 t.co www.sltrib.com
1 clickserv.sitescout.com www.sltrib.com
1 clickserv.basis.net 1 redirects
1 public.profitwell.com www.sltrib.com
1 cdn.p-n.io www.googletagmanager.com
1 www.npttech.com www.sltrib.com
1 cd.connatix.com 1 redirects
1 mab.chartbeat.com static.chartbeat.com
1 static.ads-twitter.com www.sltrib.com
1 cmp.osano.com www.sltrib.com
1 c.go-mpulse.net s.go-mpulse.net
1 local.sltrib.com www.sltrib.com
1 s.go-mpulse.net www.sltrib.com
1 js.adsrvr.org www.sltrib.com
566 174
Subject Issuer Validity Valid
star.arcpublishing.com
R3		 2021-01-22 -
2021-04-22		 3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
akstat.io
DigiCert Secure Site ECC CA-1		 2020-05-06 -
2021-08-05		 a year crt.sh
local.sltrib.com
cPanel, Inc. Certification Authority		 2021-02-11 -
2021-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
cmp.osano.com
Amazon		 2020-08-26 -
2021-09-25		 a year crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-21 -
2021-04-22		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
f6.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-02-26 -
2021-04-24		 2 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2020-09-29 -
2021-10-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2020-09-17 -
2021-09-17		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.p-n.io
Amazon		 2020-04-04 -
2021-05-04		 a year crt.sh
*.profitwell.com
Amazon		 2020-08-31 -
2021-09-30		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA		 2020-03-11 -
2021-06-10		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-14 -
2021-04-23		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.dk
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
ads3.mthsense.com
Go Daddy Secure Certificate Authority - G2		 2020-11-03 -
2021-11-03		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
includemodal.com
Amazon		 2020-11-15 -
2021-12-14		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2020-09-27 -
2021-10-29		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.yieldlift.com
Amazon		 2021-01-30 -
2022-02-27		 a year crt.sh
id.sltrib.com
Cloudflare Inc ECC CA-3		 2020-09-30 -
2021-09-30		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
srvsynd.com
R3		 2021-02-04 -
2021-05-05		 3 months crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2020-08-24 -
2021-08-24		 a year crt.sh
*.360yield.com
Amazon		 2020-08-26 -
2021-09-26		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.a-mo.net
R3		 2021-01-11 -
2021-04-11		 3 months crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.id5-sync.com
R3		 2020-12-26 -
2021-03-26		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-29 -
2021-04-14		 5 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
gu.dyntrk.com
R3		 2021-02-09 -
2021-05-10		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.semasio.net
Sectigo ECC Domain Validation Secure Server CA		 2020-03-09 -
2021-03-27		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh

This page contains 60 frames:

Primary Page: https://www.sltrib.com/
Frame ID: E83420CF1D2B2ABE687AF17CF3920ADA
Requests: 165 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Frame ID: 42F98B149D0917C67109A2F627D74631
Requests: 2 HTTP requests in this frame

Frame: https://8208269.fls.doubleclick.net/activityi;dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839
Frame ID: 5E09DFC8246AA7147160E8D9FF7ADBA9
Requests: 1 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/activityi;dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839
Frame ID: 9F9B094DA19148C626C6DFE525B6CB27
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/104830/connatix.playspace.dc.js
Frame ID: A87AA066CBCD38BDDCBD75F4018134F2
Requests: 9 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 7BE0A26105927FE580C5E0537DE0BB36
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Frame ID: E635786A43E44C6B0F5405E1BE1C95EC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Frame ID: 08B14D19035E9945290512D9637BB2DF
Requests: 1 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Frame ID: 1310C110ED94695D1872C9FEE4717B0D
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Frame ID: C5B7FD759131C28764F5B2C0FD1D4931
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: D41294AEA70501D3987FE79458719112
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=5vq8sv1&ref=https%3A%2F%2Fwww.sltrib.com%2F&upid=o6m9dvt&upv=1.1.0
Frame ID: 83CC2CF6FCD8A5D13D71EE7C7BF8FD2C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.sltrib.com
Frame ID: C1034FC3B85601DE5B60A7B3CF8CFB2C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Frame ID: 5D00B22B87F99AEA45E0B551F3D8A0C7
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Frame ID: B1343A20B0A0616DCF87C602FEC17315
Requests: 11 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 05B0365BBBD11E3F79B012BC14CA5E37
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: D436C05A130F5CF9A1FD9F4D381D1265
Requests: 2 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: F0EF86E75C09E741B51350E901BB21DB
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: D1B12051F4C4EE8B56E3F619D807BD7C
Requests: 19 HTTP requests in this frame

Frame: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: E29982D753C5C183817EE6DE74DB25C2
Requests: 27 HTTP requests in this frame

Frame: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: F5B0E448321B36CFD79DA49844A3C4E3
Requests: 28 HTTP requests in this frame

Frame: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 9C9498ADBCD0758EBCA29CB8073595B1
Requests: 21 HTTP requests in this frame

Frame: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 1C9AE7B4A60EF5FCD0B4901DA5CB4BBA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 54A6857034F758805351CEF61CFAF46C
Requests: 2 HTTP requests in this frame

Frame: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 0FEBD03C78057D265FA57DEBDCE30FFF
Requests: 20 HTTP requests in this frame

Frame: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Frame ID: 9EE1CC7B91AB88C769433459EA80942C
Requests: 60 HTTP requests in this frame

Frame: https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: 903C16D400C60588FBC68D76ED3B4B3B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 52A041E63365614A1DF975AA5435294B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/index.html
Frame ID: EB43A2F4BAEA6E8085E4B59DFC88C6CF
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js
Frame ID: A07F821208A5872A33737BE0495ABD0A
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 925CD54610C9454047379A1F99091514
Requests: 2 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 06DD69A51A89BB36020B334921EA63D3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 36EB03AFEC8154E63D21184E9F67F146
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: D0EF9FA787A03EEEDC85191454EB42DA
Requests: 12 HTTP requests in this frame

Frame: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Frame ID: 7C402FBC273A18656CF6D49E78B70D8B
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6EFB056750BA4EF7FD2101EDC9E458AE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: ECA3AD2E20BF176757845F9BF9783CC0
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: A5C4E3EB98F7D46D94BD54EFE4929FDD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: B57700FDF6D88E3BDCFEAE739C21251A
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 5323110075B3BFCD20F4212845921A92
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Frame ID: 9495230AEF781B4762C94100D101D14C
Requests: 7 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_3.27.1
Frame ID: 3A7CAB054788C2855D2388E9C5F2547F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 65FAFECC44EC76D060D66937AAEFDD68
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2AC2A7986B8CE85289BBD06CC91F606B
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d3IMIqZxWr6j9iaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: E552E38EACA2E53B2ADED01AE5310A97
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C010787AF1F5092C336A76A012D287B0
Requests: 25 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 99261FA5242113B1FDA59FA4DBFF1FE5
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 2ED8699B79AAB65061667878001BEFFE
Requests: 10 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 38D5569C72CF8E6B653BB1408515AAF0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6275921595324111578
Frame ID: 3FBDBE37BA0EEB99F2DBC16C8F80649B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACB207AddgAABHP5aES5g
Frame ID: 7343747E509064F72A83EB06B827894F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6934114232839501975
Frame ID: 834DD61A165A7D91E338361B9A0F17A3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=diUPaDUP8dth16AJPTyFWY_A
Frame ID: 85B8C2BE01499A84E8B46925F49B4537
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 3CD4DA6F75EB95B150E98B5555B61B80
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 844069CAC45B15128702FD1BCB10C4CF
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C71A6F086399C2864434784160B92E4B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=T0IOoG53HdDS&pid=557219
Frame ID: 17DCDF0641FC59F3F9B0A112D4B2528A
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8aa91b8a-9800-4621-94ce-d3a481d67497-tuct73471a8&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 08BB3F940C8E96E8949D2CE377C65870
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: F0EC770D9C80FD27E487C1B5A306DF2F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:65ULUwOJ1LgavK5&gdpr=0&gdpr_consent=
Frame ID: 3C090D3512121A5A107D4A8C4808C43B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /react.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

566
Requests

100 %
HTTPS

33 %
IPv6

96
Domains

174
Subdomains

127
IPs

10
Countries

5772 kB
Transfer

14703 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839 HTTP 302
  • https://8208269.fls.doubleclick.net/activityi;dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839
Request Chain 58
  • https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839 HTTP 302
  • https://8234312.fls.doubleclick.net/activityi;dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839
Request Chain 65
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/104830/connatix.playspace.dc.js
Request Chain 70
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 74
  • https://clickserv.basis.net/conv/1ea036853c174e3a HTTP 301
  • https://clickserv.sitescout.com/conv/1ea036853c174e3a
Request Chain 87
  • https://adservice.google.de/ddm/fls/i/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/ HTTP 302
  • https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Request Chain 94
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 95
  • https://pixel-a.basis.net/iap/9f30138796dc7a6a HTTP 301
  • https://pixel.sitescout.com/iap/9f30138796dc7a6a
Request Chain 122
  • https://sltrib-d.openx.net/w/1.0/arj?auid=540769366&aus=970x250&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._mTHeoe9s&cache=1614474270730&ttduuid=cc897bc1-4153-41f1-be3c-11ad11109557 HTTP 302
  • https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769366&aus=970x250&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._mTHeoe9s&cache=1614474270730&ttduuid=cc897bc1-4153-41f1-be3c-11ad11109557
Request Chain 131
  • https://sltrib-d.openx.net/w/1.0/arj?auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._TSh1g2aq&cache=1614474270742&ttduuid=cc897bc1-4153-41f1-be3c-11ad11109557 HTTP 302
  • https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._TSh1g2aq&cache=1614474270742&ttduuid=cc897bc1-4153-41f1-be3c-11ad11109557
Request Chain 146
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=YGZMe7481LgavB5
Request Chain 147
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ccea5f36-4cb1-4c96-a012-ef5e24f863ad&ssp=openx&gdpr=&gdpr_consent=
Request Chain 148
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABK4U7AddgAABHjBugagw
Request Chain 149
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cd1c603a-ec1e-4a00-bb1a-e664256f7296
Request Chain 150
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wAYlWZNVJ17bBi9bl1U7Ws4OJ1rbUCBbwVcsXVtf
Request Chain 151
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1456520951409076440
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFO8TjWmXsbLA0HDadY6Lsw&google_cver=1
Request Chain 168
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LOnlo6Dw1LgavB5
Request Chain 169
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=ccea5f36-4cb1-4c96-a012-ef5e24f863ad&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b7c275dc-53f3-479d-9022-e5a24dca3676&expires=1&user_group=5&ssp=openx&bsw_param=ccea5f36-4cb1-4c96-a012-ef5e24f863ad HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=ccea5f36-4cb1-4c96-a012-ef5e24f863ad
Request Chain 170
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB6_E7AddgAABGK5aES5g
Request Chain 171
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00f2603a-ec1e-4600-9e01-c786f7940aaf
Request Chain 172
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wAYlWZNVJ17bBi9bl1U7Ws4OJ1rbUCBbwVcsXVtf
Request Chain 173
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8793350316744777700
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFO8TjWmXsbLA0HDadY6Lsw&google_cver=1
Request Chain 257
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCboeOPswEQsAkYrAIyCITmPYc43DV3 HTTP 301
  • https://tpc.googlesyndication.com/simgad/12461797604719436694
Request Chain 279
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 311
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCboeOPswEQsAkYrAIyCITmPYc43DV3 HTTP 301
  • https://tpc.googlesyndication.com/simgad/12461797604719436694
Request Chain 414
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 436
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 472
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPx5uqAOmBpCYgkcLfmOXRM&google_cver=1&google_push=AQvitULQB-hztaCEfrxvcaRfbRWExQrZehUYUK6VrCqA60i3F2VaAwqZP7yR8-Ed-734GPl8BMmW2z6sBGbjqaKyEQY9_wNmuQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULQB-hztaCEfrxvcaRfbRWExQrZehUYUK6VrCqA60i3F2VaAwqZP7yR8-Ed-734GPl8BMmW2z6sBGbjqaKyEQY9_wNmuQ&google_hm=nMgf1ZYEgMyjH4q2LZ8wzg==
Request Chain 473
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJgGqmekrm1OSju1B79KdX0&google_cver=1&google_push=AQvitULl27xjtqxuQQDG2ecGTRLVcrc1gshV0PKVz7iExoxxPSRum17MZwJ6UvpOc-4V7NHySHnh0IfV9Jx98r4TDjGoLZWElHo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xPR0FPM1QtOC1FMzQx&google_push=AQvitULl27xjtqxuQQDG2ecGTRLVcrc1gshV0PKVz7iExoxxPSRum17MZwJ6UvpOc-4V7NHySHnh0IfV9Jx98r4TDjGoLZWElHo
Request Chain 474
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKX9pF_ySpXEWgTi6Pygn5I&google_cver=1&google_push=AQvitUKyal0gLLl0hAl-VMFnifg5ZNA34voHKPOZg-mj9rYq4NNUlgsLWEDHmclsVgqd6tRQ_hzOODrvMh8cpW-UF8EA383_u2M HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKX9pF_ySpXEWgTi6Pygn5I&google_cver=1&google_push=AQvitUKyal0gLLl0hAl-VMFnifg5ZNA34voHKPOZg-mj9rYq4NNUlgsLWEDHmclsVgqd6tRQ_hzOODrvMh8cpW-UF8EA383_u2M&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKyal0gLLl0hAl-VMFnifg5ZNA34voHKPOZg-mj9rYq4NNUlgsLWEDHmclsVgqd6tRQ_hzOODrvMh8cpW-UF8EA383_u2M&google_hm=6dce3330b22f3594af03f2ea
Request Chain 475
  • https://match.360yield.com/match/ebda?google_gid=CAESEJhnlirPZv0R_cBooIRVZAQ&google_cver=1&google_push=AQvitUJ85Te4K0eqvY9N7VM26QddABhX8ZkdXI30NzqkyZGiltVHui5TBoUzS4vLh4i8vzAIDrLu4pUDD-K-vk_kNE-QQxWkxZ0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=d3d4-WOGRRCnqOWICUyEsg&google_push=AQvitUJ85Te4K0eqvY9N7VM26QddABhX8ZkdXI30NzqkyZGiltVHui5TBoUzS4vLh4i8vzAIDrLu4pUDD-K-vk_kNE-QQxWkxZ0
Request Chain 476
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIfeI9mMwBPoZ8m5HFBtjTs&google_cver=1&google_push=AQvitULuvUgZIyEUZrYJgLU3XlCGGp6Mv4izY8lHvbrpWGmOdJV8UJ97ncrUs4X1CIRGDzxeEc1pHKNdKvXEwlwfaSnWHDq3CS4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULuvUgZIyEUZrYJgLU3XlCGGp6Mv4izY8lHvbrpWGmOdJV8UJ97ncrUs4X1CIRGDzxeEc1pHKNdKvXEwlwfaSnWHDq3CS4&google_hm=
Request Chain 477
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMDs4OkJdmbs07-OiKBXIsk&google_cver=1&google_push=AQvitUIoCoa0NorMoqpTzCDuYqGGP34e8WM8xcrpScnx1BkZh9__Kq5zP1TEn7J4hGh8SclWZfwgtfdW38eQycnQdAK-Vj6vFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUIoCoa0NorMoqpTzCDuYqGGP34e8WM8xcrpScnx1BkZh9__Kq5zP1TEn7J4hGh8SclWZfwgtfdW38eQycnQdAK-Vj6vFQ&google_hm=OTA5MDgyMDExNjM3MTgxNjYzMA%3D%3D
Request Chain 481
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=5903572975545028132&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID HTTP 302
  • https://x.yieldlift.com/setuid?bidder=emx_digital&uid=5903572975545028132brt222551614474275745334f1
Request Chain 483
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1 HTTP 302
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=nMgf1ZYEgMyjH4q2LZ8wzg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 484
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.yieldlift.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D%2524UID HTTP 302
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2868501285207855889
Request Chain 485
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=OPTOUT
Request Chain 487
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1 HTTP 302
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=nMgf1ZYEgMyjH4q2LZ8wzg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 489
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.yieldlift.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D%2524UID HTTP 302
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=5903572975545028132
Request Chain 490
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=5903572975545028132&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID HTTP 302
  • https://x.yieldlift.com/setuid?bidder=emx_digital&uid=5903572975545028132brt222551614474275745334f1
Request Chain 491
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=OPTOUT
Request Chain 501
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Request Chain 508
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4ef1a2df-1790-4066-9b45-39436a39a8bf%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4ef1a2df-1790-4066-9b45-39436a39a8bf%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=sovrn&uid=1acc9285b0b6ce3cf8ab2bd1
Request Chain 509
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4ef1a2df-1790-4066-9b45-39436a39a8bf%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D4ef1a2df-1790-4066-9b45-39436a39a8bf%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=appnexus&uid=5243682155294693262
Request Chain 510
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4ef1a2df-1790-4066-9b45-39436a39a8bf%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4ef1a2df-1790-4066-9b45-39436a39a8bf%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=index_rtb&uid=YDrsKK3FMc.5ru-x8mYm0gAA%261841
Request Chain 511
  • https://id5-sync.com/s/441/9.gif?puid=e_660d08a4-b024-4e07-a5b7-fa37cf07b2ce&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_660d08a4-b024-4e07-a5b7-fa37cf07b2ce&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOx29YJpoKjwFYFA-3C-N6P7xPf7xDqeJJYcrbCw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOx29YJpoKjwFYFA-3C-N6P7xPf7xDqeJJYcrbCw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=15e93bda-b2fd-43ed-8eeb-0c442e267dd8&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/7/3.gif?puid=cfe0c5daac2917a9a7714145038b4845&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/101/6/4.gif?puid=592a0694-13c4-42c0-85a3-a754b45c8beb&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/5/5.gif?puid=efd950b4-7960-11eb-afe8-5a9a02d33f5c&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/112/4/6.gif?puid=41AAB74D99705222&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F3%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F3%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F3%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/3/7.gif?puid=88055fd6-d376-4b05-b7cf-c9b52722e554&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F398%2F2%2F8.gif%3Fpuid%3D%24%7Bbase64_profileid%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2ZlMGM1ZGFhYzI5MTdhOWE3NzE0MTQ1MDM4YjQ4NDU&google_redir=https://id5-sync.com/c/441/398/2/8.gif?puid=Y2ZlMGM1ZGFhYzI5MTdhOWE3NzE0MTQ1MDM4YjQ4NDU&gdpr=1&gdpr_consent=
Request Chain 518
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 524
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b94b603a-ec28-4400-8524-7917fdc7ba53
Request Chain 525
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cjoORSFpDxxpMw0ddzwQHSE8CEJpaAhCcm-H-IEz
Request Chain 526
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7114308468341580987
Request Chain 528
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDMzODEwYWQtZTQwYS02ZTFhLTYwMmQtY2NhNGQ1NmU5ZDc3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDMzODEwYWQtZTQwYS02ZTFhLTYwMmQtY2NhNGQ1NmU5ZDc3&google_tc=
Request Chain 529
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDz2g_1Cd4OTnxUnt-E2meY&google_cver=1
Request Chain 531
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDrsKAzmuBptNci_Y3L7TQAABz8AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDrsKAzmuBptNci_Y3L7TQAABz8AAAIB&dcc=t
Request Chain 532
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YDrsKAzmuBptNci_Y3L7TQAABz8AAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJyaSDoZXaNmcKySyWlF2JU&google_cver=1
Request Chain 533
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDrsKAzmuBptNci-Y3L7TQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENZu__YfjyWg1LQ43qXoGwM&google_cver=1
Request Chain 535
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YDrsKAzmuBptNci-Y3L7TQAA%261855 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YDrsKAzmuBptNci-Y3L7TQAA%261855
Request Chain 536
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471592924760813
Request Chain 537
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YDrsKAzmuBptNci-Y3L7TQAA%261855 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YDrsKAzmuBptNci-Y3L7TQAA%261855
Request Chain 541
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6275921595324111578
Request Chain 542
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACB207AddgAABHP5aES5g
Request Chain 543
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6934114232839501975
Request Chain 544
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=diUPaDUP8dth16AJPTyFWY_A
Request Chain 545
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 547
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 548
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=T0IOoG53HdDS&pid=557219
Request Chain 549
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8aa91b8a-9800-4621-94ce-d3a481d67497-tuct73471a8&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 550
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 551
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:65ULUwOJ1LgavK5&gdpr=0&gdpr_consent=
Request Chain 552
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=chZB3n-xRgqiRqzQDRzGIQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 554
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=721641DE-7FB1-460A-A246-ACD00D1CC621&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=721641DE-7FB1-460A-A246-ACD00D1CC621&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 555
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=721641DE-7FB1-460A-A246-ACD00D1CC621&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=721641DE-7FB1-460A-A246-ACD00D1CC621&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=721641DE-7FB1-460A-A246-ACD00D1CC621&addseg=29
Request Chain 556
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzIxNjQxREUtN0ZCMS00NjBBLUEyNDYtQUNEMDBEMUNDNjIx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 557
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMmJMKCDKmjIHeJ6MXNR1yg&google_cver=1
Request Chain 559
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8152811-d939-402c-8c09-fd80ebf98084
Request Chain 560
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7114308468341580987
Request Chain 561
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b94b603a-ec28-4400-8524-7917fdc7ba53&gdpr=0&gdpr_consent=
Request Chain 562
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5243682155294693262&gdpr=0&gdpr_consent=
Request Chain 563
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=721641DE-7FB1-460A-A246-ACD00D1CC621&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=721641DE-7FB1-460A-A246-ACD00D1CC621&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-t6RfpZN1l2JgvSEeUVVrpIh58JwRx58-&gdpr=0&gdpr_consent=
Request Chain 565
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=6874fd71-3689-44ce-902e-8c321cc4972f&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c969685-b2a3-4937-a886-1f2efdafc783&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 566
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3012225441833435978&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 567
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3pBtH43DbEbFmW5H25ZzR42WaxjFwmsY3sVRmqmx
Request Chain 568
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YDrsKAAAAD3SRyzr HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDrsKAAAAD3SRyzr&gdpr=0&gdpr_consent=&_test=YDrsKAAAAD3SRyzr
Request Chain 569
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 571
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9ce4fa72-4892-4571-984d-7c89f2d1c6df&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 572
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5243682155294693262
Request Chain 573
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1ce9ecce-b9e4-41f1-985b-f90885262b68

566 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sltrib.com/ 		604 KB
141 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
809fa319d32d1d63ef512c4c96cb67f49b55d8b81c2b64a346fec1e647a714c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:method
GET
:authority
www.sltrib.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
server
openresty
x-aws-lambda-call-status
200
content-encoding
gzip
etag
W/"9620b-OfYMSSxomz3kfVxpDHtrAWAYwXo"
last-modified
Sun, 28 Feb 2021 01:04:09 GMT
vary
Accept-Encoding
x-akamai-transformed
9 140829 0 pmb=mRUM,2
cache-control
private, max-age=60
expires
Sun, 28 Feb 2021 01:05:27 GMT
date
Sun, 28 Feb 2021 01:04:27 GMT
set-cookie
arc-country=DK; expires=Sun, 28-Feb-2021 01:19:27 GMT; path=/ AKA_A2=A; expires=Sun, 28-Feb-2021 02:04:27 GMT; path=/; domain=sltrib.com; secure; HttpOnly
server-timing
cdn-cache; desc=HIT edge; dur=160
link
<https://local.sltrib.com>;rel="preconnect",<https://js-sec.indexww.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://cdn.p-n.io>;rel="preconnect",<https://cdn.tinypass.com>;rel="preconnect",<https://static.criteo.net>;rel="preconnect",<https://cdn.cxense.com>;rel="preconnect",<https://tpc.googlesyndication.com>;rel="preconnect",<https://img.connatix.com>;rel="preconnect" <https://js.adsrvr.org>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://cmp.osano.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://cd.connatix.com>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect",<https://static.ads-twitter.com>;rel="preconnect"
strict-transport-security
max-age=86400
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
arc-country
DK
main.css
www.sltrib.com/pf/resources/css/ 		113 B
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/css/main.css?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"c07ed12e990cf688bbb98cbc27f198a8"
x-amz-request-id
80E77636BEC9016F
arc-country
US, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
88
x-amz-id-2
g3V1GdKKKwiF3lVubJWuaXnCCfto8Hd5L9ZFDipjPZkPzK3qgQQAOaBwtvaEOGJn++0/oFIoHrg=
x-akamai-http2-push
1
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:27 GMT
carousel.css
www.sltrib.com/pf/resources/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/css/carousel.css?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"a967928dd3b5d82f2d2f613f61699944"
x-amz-request-id
651D33EADD7B4E3D
arc-country
DE, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
826
x-amz-id-2
PJ3K80E/Ay0URtUYvC1iL+t84YaHaHW3ck9i7BjsiE15/PK1EecKA94axut7BpSVGnqsQWEWXH0=
x-akamai-http2-push
1
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:27 GMT
react.js
www.sltrib.com/pf/dist/engine/ 		257 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/engine/react.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
5e8485b18f27535ecf4871e571d1faa3d06e6381d7fc58e1f51017f3bc2ae2d9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"2f81d26b162f173097b20713bc6a7d54"
x-amz-request-id
9812F81F790F1BB3
arc-country
US, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
79969
x-amz-id-2
WKyCVcDQnIZJF1NmpfpP7/Bg1OEXWro01qysdxtc5wTiFWx/laSiP6pWWOtx8eeT8oQ21dMIQX8=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:27 GMT
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=519
expires
Sun, 28 Feb 2021 01:13:06 GMT
default.js
www.sltrib.com/pf/dist/components/combinations/ 		1 MB
309 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/combinations/default.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
2cb34ab9523b78db9bc3c7aadef30afa96202dcb8a1103cef9f134c1e3573b0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"c524effa0a72f665f2d108cf9464004a"
x-amz-request-id
D41A5F0DBDA2A70D
arc-country
US, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
314619
x-amz-id-2
toCmuT0aPQz57ams+Bz9/AEBmgA/2G7G5nL9bmGn0vNvsLV9M/UyYNGRTqgQP1k0qFmIsUIFPdk=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:27 GMT
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=843
expires
Sun, 28 Feb 2021 01:18:30 GMT
default.css
www.sltrib.com/pf/dist/components/output-types/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/output-types/default.css?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
5b8286703b3aa2e8ed1495e094181485445394bca3f5493566499a90e277adb6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"cb7f3e991851c31db3ad51993723f619"
x-amz-request-id
268D5E964B9A2634
arc-country
US, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
1371
x-amz-id-2
BW40NmFGMHNHieqQs2uC2KOVaGd9bDCkFPA51HKOb+k95IG7NaSNm5k2L8/KH5AFLa8m7c0PK/E=
x-akamai-http2-push
1
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:27 GMT
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
cache-control
public, max-age=36
expires
Sun, 28 Feb 2021 01:05:03 GMT
default.css
www.sltrib.com/pf/dist/components/combinations/ 		131 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/combinations/default.css?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
83d92dbbb7413c0bf02248fca679d2288f48372b7f2817c91650ae7c4213930e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"20ab7d6a82b249e84d87aee28e38e66f"
x-amz-request-id
723F3875F24B78CA
arc-country
US, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
16471
x-amz-id-2
OAgA7jaJ6k3glWPlYbhZuq9RspFX4gg2jooA9ekOrTQ5PQS66FmnexzBzeMtqHvy1VheIzav2hQ=
x-akamai-http2-push
1
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:27 GMT
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
cache-control
public, max-age=608
expires
Sun, 28 Feb 2021 01:14:35 GMT
menu.svg
www.sltrib.com/pf/resources/svg/ 		222 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/menu.svg?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
6F7A5CFBDABD5482
arc-country
DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
188
x-amz-id-2
2UsEjKu4Q3IRHFnnhpES6ftWYa3IbDCNZstgKkvG2UwGd7dXpmt291b8r6Kk8bmRX0fi1fn6Xes=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
etag
W/"2ad563e730ce63c718f6dbed5962a52a"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Mon, 28 Feb 2022 01:04:27 GMT
Trib_masthead_top_000000.svg
www.sltrib.com/pf/resources/svg/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/Trib_masthead_top_000000.svg?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:27 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
7EE524ABE500F2E2
arc-country
DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
4810
x-amz-id-2
4lsSvmY4Ic06JmNQbdEmS8h0GBOZmUeLz3i0fspJeNaAFNwF8PxJOYqtYH8lw95SyTJdqfNSj88=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
etag
W/"0a6e5f60fd6a9d23f560d424745802f9"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Mon, 28 Feb 2022 01:04:27 GMT
person.svg
www.sltrib.com/pf/resources/svg/ 		291 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/person.svg?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
3J3H1Z2K6NCH9S6W
arc-country
DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
222
x-amz-id-2
8cpmrLkbrClYoL+RWG5S41aR+MQ6tcllgqZfPK+JRcAdndIh5D8AkHz4bXXXaTPOHt08GdDQTHU=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
etag
W/"0b49da62bedb71c6594b7421f72768e1"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Mon, 28 Feb 2022 01:04:28 GMT
MLQIJKSVHFAHJPDLLDRGQT27DM.jpg
www.sltrib.com/resizer/lwnG3dUeFXSTyiN84bkzkcZLWFg=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/lwnG3dUeFXSTyiN84bkzkcZLWFg=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/MLQIJKSVHFAHJPDLLDRGQT27DM.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
9513a9cd2eb5f6102c6b069b0d3d943e810fd741720b9830f5e1478c3d7a66e8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"8962e1149edcc1299887c920a7fdded302f089b6"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31492713
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
4567
expires
Sun, 27 Feb 2022 13:03:01 GMT
QD5U2DACM5FP3DUTPTLGTWCTC4.jpg
www.sltrib.com/resizer/AXkheMn0V3o0_BqFPdbFpnO4mC8=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/AXkheMn0V3o0_BqFPdbFpnO4mC8=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/QD5U2DACM5FP3DUTPTLGTWCTC4.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
2ee82b180bcdba0b77df8173089818aafbe1e55be9a445bd419d9ef40f98f02b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"fcd07df89d452f55380fc2db0e32367a2ad529f6"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31492781
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
4494
x-akamai-im-skip-dlr
1
expires
Sun, 27 Feb 2022 13:04:09 GMT
6HMR4ILNB5CGNJMAYEFNBIMNNY.JPG
www.sltrib.com/resizer/Yd2VEXoWIjmfoJJYH8UJNidVYo8=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/Yd2VEXoWIjmfoJJYH8UJNidVYo8=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/6HMR4ILNB5CGNJMAYEFNBIMNNY.JPG
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
8e7060fcc6afaa7e61865286036d7ffa06c6cce121a4f9c3e90132bf9882d9f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"249d92b116e7a4dada62d4fa736093c4fe12cb40"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31508930
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
4648
expires
Sun, 27 Feb 2022 17:33:18 GMT
WQJRSMH3GRBDBJ5UPYP3OXSS4I.jpeg
www.sltrib.com/resizer/wCPrpMfAnQtqI84YlKuDxc1_tCA=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/wCPrpMfAnQtqI84YlKuDxc1_tCA=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/WQJRSMH3GRBDBJ5UPYP3OXSS4I.jpeg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
beeb0f9ff6482c80990cfc609655603b7287c25a54e4c4493e0acd00c1322dc6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"cfaaecdb733d30881ce5c0aa093c4c937dd270e9"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31533522
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
3461
expires
Mon, 28 Feb 2022 00:23:10 GMT
VWC2ZYVQ6FHOJOYDPXHC6FC46I.jpg
www.sltrib.com/resizer/VucnSVLmQqXQM87aL2y-GXNpXRk=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/VucnSVLmQqXQM87aL2y-GXNpXRk=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/VWC2ZYVQ6FHOJOYDPXHC6FC46I.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
5b69e7fdc06ea24af17e04bd80ad416a1e378674f4824dd858cae7d4f3c59c6a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"a3c76a25e356b6fb6e525b4b41badf1ad1f7f3d5"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31530613
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3094
expires
Sun, 27 Feb 2022 23:34:41 GMT
VSN5E2JJ7ZF2XOACRMOUFSKHSQ.jpg
www.sltrib.com/resizer/qVWXZkWB5JmOI5RGPGE0KuFejv8=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/qVWXZkWB5JmOI5RGPGE0KuFejv8=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/VSN5E2JJ7ZF2XOACRMOUFSKHSQ.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
ca075c6340920a23f07db7de72920963f7aa79b83aabefced724bed4a700fd0c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"3d6d0f9f07ba286b3937a3e74e33d05dcfdf6c5e"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31441039
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
4408
expires
Sat, 26 Feb 2022 22:41:47 GMT
WXT2CJ7NGVCNVIPJAUGSWXK74Y.jpg
www.sltrib.com/resizer/YbyKTOZjaGh40FXpjPQYQLd6RVE=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/YbyKTOZjaGh40FXpjPQYQLd6RVE=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/WXT2CJ7NGVCNVIPJAUGSWXK74Y.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
4b0b55689f9d15db836c8caf4527e90bfeeb67367c16c8b2e050fdfd92ddb467
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"991aeb1dc03c873da34b2e8ef2a9a93c921b5cd7"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31519614
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
3235
expires
Sun, 27 Feb 2022 20:31:22 GMT
O73DGDAGCRBEBC3CPDEP6QURRY.JPG
www.sltrib.com/resizer/_hYuw64iysm5waNYa3Ctn460058=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/_hYuw64iysm5waNYa3Ctn460058=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/O73DGDAGCRBEBC3CPDEP6QURRY.JPG
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
2e6a3c65b0245268beddb979d30c6910f70dc3ae38f6e7d6f489309c736dcff1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"94ba8218d4f9b7072ed388f53f145de99ef3d664"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31515129
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
3831
expires
Sun, 27 Feb 2022 19:16:37 GMT
BD2OWYAUZNB6VH3I22VBFBDTUA.jpg
www.sltrib.com/resizer/paFvus-ATcoGHDGuFDJ9w1lpszw=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/paFvus-ATcoGHDGuFDJ9w1lpszw=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/BD2OWYAUZNB6VH3I22VBFBDTUA.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
869afc986a4593c6bc131bc073c2729780709a09ed85b0fbbbd1c385d3684b6e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"acbf4f6e961988a4c5ae193f4627f634a4007247"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31440347
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
27885
expires
Sat, 26 Feb 2022 22:30:15 GMT
MO2DJV6LYVEY5NST5ICKHVQ5NQ.jpg
www.sltrib.com/resizer/fv5LY_reO8-NhWCfXMCmdSrei_E=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/fv5LY_reO8-NhWCfXMCmdSrei_E=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/MO2DJV6LYVEY5NST5ICKHVQ5NQ.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
9aaa8dea0c9ad051e733888b930fc61572b8084ac7a6893ca22f6b5e4d2691eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"6017b540b638dc18d3c2a6b45c41fed4a4a8a33f"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31360523
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
17719
expires
Sat, 26 Feb 2022 00:19:51 GMT
O6LQEOURINAS7E655CGDQE4DOQ.jpg
www.sltrib.com/resizer/FfZL5bzJN-aj2PT4adsadOEDgXM=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/FfZL5bzJN-aj2PT4adsadOEDgXM=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/O6LQEOURINAS7E655CGDQE4DOQ.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
32d0592e0bf4f414dd5e18ec614755675b31b224add031e19dc9fc8aa5846254
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"a9dea8696bcc560b58034403948cee6c02d515d8"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31276490
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
28546
expires
Fri, 25 Feb 2022 00:59:18 GMT
HR3O2DUUOVHVTG6U47H2GJJIYE.jpg
www.sltrib.com/resizer/_O5CHGYKKEJiRh66T3vyyiki0CY=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/_O5CHGYKKEJiRh66T3vyyiki0CY=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/HR3O2DUUOVHVTG6U47H2GJJIYE.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
619f1b87c38c3a560edf9069cee622b36cedba046019a1fb97aec47ec16e2c20
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"9cc6e5070ef546fb7c27286431adf79342b1e0e0"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31187649
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
29436
expires
Thu, 24 Feb 2022 00:18:37 GMT
TW4BHW65NBEG3PNIXDZTI5M5V4.jpg
www.sltrib.com/resizer/UcSomUi5a_f6Tk-OsjuONIWgZkY=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/UcSomUi5a_f6Tk-OsjuONIWgZkY=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/TW4BHW65NBEG3PNIXDZTI5M5V4.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
b1cad0af4498c32563fb5add713d7acf47de0bed1ee8b0086e130a8e1df76717
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"e7a86165933a70c78b0f9b41ecde0df83517c42d"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31097336
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
22733
expires
Tue, 22 Feb 2022 23:13:24 GMT
O6UPBF2X5VD2DAADUVAXIUCJ5E.jpg
www.sltrib.com/resizer/LdVs4-sTTZqNSxNlonNns4qAvoE=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/LdVs4-sTTZqNSxNlonNns4qAvoE=/400x283/cloudfront-us-east-1.images.arcpublishing.com/sltrib/O6UPBF2X5VD2DAADUVAXIUCJ5E.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
0b29746165a458fb96e404e770dc405e9a01e9ce44cfa160d4f7fe14e0753217
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"0aadb18351f5418c60b73d4f79c3e37c8fd0b151"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=30839149
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
34383
expires
Sat, 19 Feb 2022 23:30:17 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-161.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 18:31:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
23588
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
c3-4tVtNpkTlrZ5z7Yl0ihFjO_MQ8KD8hIkoI5S15w1uvI15hd4lMQ==
ballantine.js
www.sltrib.com/pf/resources/js/ 		465 B
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ballantine.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"75f660e0bf36975883d65bcb4206e252"
x-amz-request-id
A8DD782DE7F27407
arc-country
US, DK
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
262
x-amz-id-2
iquc2sazPovkEl0hR1tEgWdVKSC9N2+chNz5NcX3rbhsw3ZNofQWsVO9UabTailN1G/xw2JT6HY=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
x-edgeconnect-cache-status
1
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:28 GMT
sltrib-logo.svg
www.sltrib.com/pf/resources/svg/ 		28 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/sltrib-logo.svg?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
BEF7D36FE2303C50
arc-country
DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10808
x-amz-id-2
BF0+12jHxjaEwAdHx8aR5TbyMdGx6ecIn1cQ9H4zdusLNSOFk9yqqP3/aK6NaASH+cuNGnHKaos=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
etag
W/"25e4e564ed5f244539f01a165c33c5aa"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Mon, 28 Feb 2022 01:04:28 GMT
trib_masthead.svg
www.sltrib.com/pf/resources/svg/ 		34 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/trib_masthead.svg?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
d7ab0f1e31217960c7bcf0bdb822374271344c75aab4da7825505571e7e9035e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
B8DAB7423FD35FD5
arc-country
DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10113
x-amz-id-2
RICOT9WReaZt80tMGyLOsY5Cv4mk3QbyuGQEzVPweWr96xwj62BfJZWwH5uAUJPmyJYaM9TpCos=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
etag
W/"ac682bbc23ad2715870b9244bcf8f9d5"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Mon, 28 Feb 2022 01:04:28 GMT
default.js
www.sltrib.com/pf/dist/page/pjjwb8mG4nlBq8as/ 		29 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/page/pjjwb8mG4nlBq8as/default.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
fc9cbd43ed896656fa387f6ebd235e2cbc896f05a42c53d438340609b18423ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
"e9066fe0bd4e54937f2505d3da62a53d"
x-amz-request-id
17B3A5450117E2E7
arc-country
US, DK
server-timing
cdn-cache; desc=HIT, edge; dur=343
vary
Accept-Encoding
content-length
3787
x-amz-id-2
a98HvrfybKULO8dXtKATSP5w0k/O+tOG6n8+uq4v6wViivHeo82JgfJT619dPUenVKCNtO/nhr4=
last-modified
Sun, 28 Feb 2021 00:03:20 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:28 GMT
strict-transport-security
max-age=86400
content-type
application/javascript
cache-control
private, max-age=60
expires
Sun, 28 Feb 2021 01:05:28 GMT
EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
s.go-mpulse.net/boomerang/ Frame 42F9 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:27 GMT
content-encoding
br
last-modified
Fri, 18 Dec 2020 13:39:50 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
O73DGDAGCRBEBC3CPDEP6QURRY.JPG
www.sltrib.com/resizer/cshRBYSsWxOfPm0SvrK_4QIpIGo=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/cshRBYSsWxOfPm0SvrK_4QIpIGo=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/O73DGDAGCRBEBC3CPDEP6QURRY.JPG?effect=blur
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
ca066ac2cfdf17c1c21a9bc6d204e5d7c278d93985bc1d7344d00d8162624869
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"f10248d81046bf5136419462c58dd468938bc042"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31515063
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=-1906, origin; dur=2214
x-akamai-note
original-image
content-length
21551
x-akamai-im-skip-dlr
1
expires
Sun, 27 Feb 2022 19:15:31 GMT
3KPCZHJA75FQ7LSN6T2SKZPNCA.jpg
www.sltrib.com/resizer/-n3FDfRbhlX3nyn2PQaGj20w2gA=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/-n3FDfRbhlX3nyn2PQaGj20w2gA=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/3KPCZHJA75FQ7LSN6T2SKZPNCA.jpg?effect=blur
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
b3b99beb98a945af8bcf64599f394cc282883de0d329ba80081bf210c51c1c8c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"3e1131c5d430aa682a60dc40ac99816187056a1b"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31499186
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=-327, origin; dur=686
x-akamai-note
original-image
content-length
22354
expires
Sun, 27 Feb 2022 14:50:54 GMT
VWC2ZYVQ6FHOJOYDPXHC6FC46I.jpg
www.sltrib.com/resizer/e5gSMGTQEcFBhTOLvYz39gsZbeg=/600x400/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/e5gSMGTQEcFBhTOLvYz39gsZbeg=/600x400/cloudfront-us-east-1.images.arcpublishing.com/sltrib/VWC2ZYVQ6FHOJOYDPXHC6FC46I.jpg?effect=blur
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
b5b7a95a9dfcdaf606e01cf3f9e0fc100cf051907967e1f6656bf3a1c4abec45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"d788b67e0b7d5652bed0909afee0a9e6f9041f8e"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31532072
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=-706, origin; dur=1005
x-akamai-note
original-image
content-length
41274
expires
Sun, 27 Feb 2022 23:59:00 GMT
MLQIJKSVHFAHJPDLLDRGQT27DM.jpg
www.sltrib.com/resizer/JVDgFYTn-FLsK1ib2NSYbzA8yV4=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/JVDgFYTn-FLsK1ib2NSYbzA8yV4=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/MLQIJKSVHFAHJPDLLDRGQT27DM.jpg?effect=blur
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
f44b31bfc8dd2110d060f10ede8c0b22c5739ce85151d029bbb3ad391a0ab845
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"8aee71fa064bebd447f196cdbb8cd6e08730eb56"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31492985
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=-48, origin; dur=422
x-akamai-note
original-image
content-length
25936
expires
Sun, 27 Feb 2022 13:07:33 GMT
WXT2CJ7NGVCNVIPJAUGSWXK74Y.jpg
www.sltrib.com/resizer/GfsKY-_oo1OcpHRqV1ZXhJKvoJs=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/GfsKY-_oo1OcpHRqV1ZXhJKvoJs=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/WXT2CJ7NGVCNVIPJAUGSWXK74Y.jpg?effect=blur
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
50ea306caad273fb96189b9b3515e1711dfc5b3b4620bbac4358398777374616
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"ca03d0b78743de64b6906be6c20e1ffbac10eafc"
strict-transport-security
max-age=86400
content-type
image/jpeg
x-edgeconnect-cache-status
3
cache-control
private, max-age=31518680
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=-232, origin; dur=513
x-akamai-note
original-image
content-length
15035
expires
Sun, 27 Feb 2022 20:15:48 GMT
ZGBPTLGZWZG37NUNW7BJ2MEMSI.jpg
www.sltrib.com/resizer/Zsv9In714PkXJwNvtOu9BmeHFpQ=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/Zsv9In714PkXJwNvtOu9BmeHFpQ=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ZGBPTLGZWZG37NUNW7BJ2MEMSI.jpg?effect=blur
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
043942f120a1e4f91f174010c8ce3328bc112ca51752993de39060269d16828c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"c96123a829e7c0bf2c452bd91ade483c7c1593f4"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31111643
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=146
x-akamai-note
original-image
content-length
20128
expires
Wed, 23 Feb 2022 03:11:51 GMT
32MYAZZBBVCKVKMSYYSOXQARPQ.jpg
www.sltrib.com/resizer/Jt9PdKJSfmf8cJrvmKG7tCV7BQ8=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/Jt9PdKJSfmf8cJrvmKG7tCV7BQ8=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/32MYAZZBBVCKVKMSYYSOXQARPQ.jpg?effect=blur
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
ab1905366a3a27a4bfbc6565fd896c4ada47c42ac1b1f63c5f8b5d4c277f25ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"a72d8629de480d52210cd3bc78a8a2405f6362d6"
strict-transport-security
max-age=86400
content-type
image/jpeg
x-edgeconnect-cache-status
3
cache-control
private, max-age=31524976
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=360
x-akamai-note
original-image
content-length
20617
expires
Sun, 27 Feb 2022 22:00:44 GMT
DonateTeal.jpg
local.sltrib.com/marketing/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://local.sltrib.com/marketing/DonateTeal.jpg?effect=blur
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
6c2e4075c68613d764ea872dc0b5bb479b753aef3a315ac37896ce8fbe65a5ba

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
last-modified
Tue, 09 Feb 2021 15:58:07 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
52950
expires
Tue, 30 Mar 2021 01:04:28 GMT
VSN5E2JJ7ZF2XOACRMOUFSKHSQ.jpg
www.sltrib.com/resizer/7WAAd-Qgb5OYzp5szzHbYVcY3sU=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/7WAAd-Qgb5OYzp5szzHbYVcY3sU=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/VSN5E2JJ7ZF2XOACRMOUFSKHSQ.jpg?effect=blur
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
701002e0f21eed9cccb825bc1c51c7de68fb1086542d1ca5459319036c9228d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"b474ec6c0075cac383b4d567ca0ef626941e102d"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31440976
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=9
x-akamai-note
original-image
content-length
21839
expires
Sat, 26 Feb 2022 22:40:44 GMT
SMO235ODH5CJLKLY6SZAXSUYFM.jpg
www.sltrib.com/resizer/40GmL2qs3b4YwQVj4FTnxQ0T3-g=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/40GmL2qs3b4YwQVj4FTnxQ0T3-g=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/SMO235ODH5CJLKLY6SZAXSUYFM.jpg?effect=blur
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
4dc885b2f96d9e6c95f64b2858599bee06f922068fb793d56a7e0e544c2e775c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"654f46b0097536678fee26c8dafd1be5a2e77090"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31328211
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=8
content-length
7227
expires
Fri, 25 Feb 2022 15:21:19 GMT
truncated
/ 		842 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
config.json
c.go-mpulse.net/api/ Frame 42F9 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6&d=www.sltrib.com&t=5381581&v=1.632.0&if=&sl=0&si=bapiemxcprm-qp7sbg&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=634755
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:19a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ea9d44babfa4a2cd0031f081fd9381751bee0f7d044ae9254d2b1ce71fa32605

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:28 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
google-analytics.js
www.sltrib.com/pf/resources/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/google-analytics.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
72d3bb48505405120796571830ae74c4f871f03a9052d080cde2190aa926b1ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"2615a770e33c9ec8523382d136d1f7e8"
x-amz-request-id
C36911382C8A571E
arc-country
US, DK
date
Sun, 28 Feb 2021 01:04:27 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
931
x-amz-id-2
F4LGjHxGg8jF0CS75diZOC8nmwL3HM/cV1rqdM039lUKQ+4VA94bsXhSz8d2A0YFEssf3AXCieU=
x-akamai-http2-push
1
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
x-edgeconnect-cache-status
1
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:27 GMT
google-tag-manager.js
www.sltrib.com/pf/resources/js/ 		747 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"d2c8fb2ca910eadf27baa9157fba21a3"
x-amz-request-id
ACBF87D685B18512
arc-country
US, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
406
x-amz-id-2
msL05W1/1Zyat4jHj4HJkRR6tYscyi3xAfojGqyccwrRgPflz6BBxu+jaOsynvxkI6w6Ic/5n8M=
x-akamai-http2-push
1
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:27 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
11f879a7da56b6826b393da7bee7db99696652874b38c9d7c79300528429efed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"797 / 161 of 1000 / last-modified: 1614381521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19360
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:28 GMT
chartbeat.js
www.sltrib.com/pf/resources/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/chartbeat.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
bee0fcc6742e29949e7162d5b326af9033732c4df6370add656fe0ad5c2014e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"a2b557c5886dbe088a43ed9f7d8bc52b"
x-amz-request-id
F9F6CBC4FE633A3F
arc-country
US, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1191
x-amz-id-2
m38UdA3MYeAC5MRzjhrme+wo+BrqbGJfD8PF4wzzZE/GETffplrzeLPUch8mgWjpRFweeM01JnM=
x-akamai-http2-push
1
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:27 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 19:33:10 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 01:43:44 GMT
server
nginx
age
19878
etag
W/"5fc6f150-5976"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
cpYZqC20MmJ6FGFQ7BZxtWchK8mek-Yu1fQPq_koFNUlaPxERU2LUg==
expires
Sun, 28 Feb 2021 19:33:10 GMT
apstag.js
www.sltrib.com/pf/resources/js/ 		949 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/apstag.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
4f820f0ef60feea0b9127f668b9fb37ed82e6f9265859d43a826336cf428f507
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"2ee185c1ae18ff242247763a007ccf2e"
x-amz-request-id
FB8C74328E3ADEE5
arc-country
GB, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
495
x-amz-id-2
P66PQ+dQ4F7v/2uBTn1ZJo+SjFAqbNnXVE+H9ozaie13+EhzhrexpKCrhzvw9FNK348P/7y2WBk=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:28 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:28 GMT
ad-slider.js
www.sltrib.com/pf/resources/js/ 		730 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ad-slider.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"c1aae5ed5833503095f1c285308e8ac3"
x-amz-request-id
609D94711053F4C7
arc-country
US, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
351
x-amz-id-2
FDs1h+9qYqSzKFqiObhabxn+CfrYj5SYL2EuisLfgTWbI5Q1Rn7mWkTZSnbVwaWZiVBeLn5hgEY=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:28 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:28 GMT
ad-blocker.js
www.sltrib.com/pf/resources/js/ 		694 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ad-blocker.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"8400f83f0cc8263a503add31576d1164"
x-amz-request-id
ABD9335E4621AF5E
arc-country
GB, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
394
x-amz-id-2
AAZyXte7JcJLFKASRYfmoTeTfRJRsiJKELEfAQ4Iwdv9J1Vpjj9XdpfI0Wt9CDPOE9EZg57pYCk=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:28 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:28 GMT
piano.js
www.sltrib.com/pf/resources/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/piano.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
f51f7a8ead0bb0920672b9f530d2ac461b04de9f3840f4ca9d590ea47106fff2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"4d5c0df9d4c988039cfb4795bda8671f"
x-amz-request-id
AA01B060F40C4623
arc-country
US, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
944
x-amz-id-2
qZYbg7tpBLf5QgL7vjCLRsuhiH6+a0i9sEJBoiszNCnHKwXJPRLQ4cKYFZ80oGQzeY0pNHcs+Lg=
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:28 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:28 GMT
osano.js
cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/ 		368 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
71f334dd573c755a9af822714671073885ee4cb66307e8df61d23a5b20bd2ab2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection mode=block

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 16:36:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
30452
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
99959
X-XSS-Protection
mode=block
Server
CloudFront
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=2592000
Content-Type
application/javascript; charset=utf-8
Via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
sdZIcpHsioP3e-RnSatPfRhp0zFQ3RLJKhHX6MIU-QRmoLH2hC_k9g==
sp.js
includemodal.global.ssl.fastly.net/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/sp.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10a50cd95a46904b6c652a970e68143189dbf0cbfb19f535741110cb71b5dc28

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Dw798hpx4n1_8eB.T03ziz93eCfVp8yp
Content-Encoding
gzip
ETag
"210250127ed7f58bab65958fde6eecc7"
Age
2882
X-Cache
HIT
Connection
keep-alive
Content-Length
9603
x-amz-id-2
rULDC3C8FxsOQzSP0xBFObQLWt6avjM/ollAgvqjBIBGsIWzJu7oLX3cMlvpvlZrIpgUsCYpxyY=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Mon, 22 Feb 2021 22:14:27 GMT
Server
AmazonS3
X-Timer
S1614474268.231983,VS0,VE0
Date
Sun, 28 Feb 2021 01:04:28 GMT
Vary
Accept-Encoding
x-amz-request-id
7A0CF943BCA7442C
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
48
facebook.js
www.sltrib.com/pf/resources/js/ 		846 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/facebook.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"88ccd8266f9a877f78c9ea893d8b8afd"
x-amz-request-id
B140D32E424D11F6
arc-country
US, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
441
x-amz-id-2
0i1yZG2DCfEkLXKt8HKaY0gCwA2MaoNxjMMVn7X3dooPPVGTErpYV7Mqe+6wRBe8a4EyIc3/o8M=
x-akamai-http2-push
1
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:27 GMT
twitter.js
www.sltrib.com/pf/resources/js/ 		805 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/twitter.js?d=183
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-encoding
gzip
etag
W/"5a2f1dc2518862e9d5beed543cee9f82"
x-amz-request-id
9F6E897052EEB581
arc-country
MX, DK
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
428
x-amz-id-2
8BhVlWSFnAuFr6yzQpZLtSyzzNC/azcX+hvzVlHeYVYK1WJX+ExXGNMu4uZuaql/ZbN9A8/H2Xc=
x-akamai-http2-push
1
last-modified
Thu, 25 Feb 2021 18:11:27 GMT
server
openresty
date
Sun, 28 Feb 2021 01:04:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, private, max-age=31536000
expires
Mon, 28 Feb 2022 01:04:27 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/google-analytics.js?d=183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3712
date
Sun, 28 Feb 2021 00:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sun, 28 Feb 2021 02:02:36 GMT
gtm.js
www.googletagmanager.com/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e613db67519244b5e367d13ccc585c432e8ca6c14af5998438e50f3d4ea1cda3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51646
x-xss-protection
0
last-modified
Sun, 28 Feb 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 28 Feb 2021 01:04:28 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/chartbeat.js?d=183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 18:13:06 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 02:03:13 GMT
server
nginx
age
24682
etag
W/"60121b61-8e23"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
X2MLKZErEKL3BIom6zwRSqoeJjh5qLCazNEurCarDXC9uDyofMlgJg==
expires
Sun, 28 Feb 2021 18:13:06 GMT
activityi;dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839
8208269.fls.doubleclick.net/ Frame 5E09
Redirect Chain
  • https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
  • https://8208269.fls.doubleclick.net/activityi;dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
486 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8208269.fls.doubleclick.net/activityi;dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
42047bfa41fbdf0ba78684863737e71345e37dd7a77280b742d89b81a685022a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8208269.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 28 Feb 2021 01:04:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
372
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 28-Feb-2021 01:19:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 28 Feb 2021 01:04:28 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8208269.fls.doubleclick.net/activityi;dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839
8234312.fls.doubleclick.net/ Frame 9F9B
Redirect Chain
  • https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
  • https://8234312.fls.doubleclick.net/activityi;dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
486 B
977 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8234312.fls.doubleclick.net/activityi;dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
03500cc457119275d5cb4d45dc16e92f657a49b304682c231d5855e7a5d1f2e3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8234312.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 28 Feb 2021 01:04:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
375
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 28-Feb-2021 01:19:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 28 Feb 2021 01:04:28 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8234312.fls.doubleclick.net/activityi;dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/twitter.js?d=183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
800
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1614474268.258412,VS0,VE0
x-served-by
cache-hhn11555-HHN
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sltrib.com&p=%2F&u=BQT0qyTvPubCsD89a&d=sltrib.com&g=65212&g0=home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5138&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=665&t=DEIjK3oNI9EDWPPh9C7yeobBTl7Yb&V=122&i=The%20Salt%20Lake%20Tribune&tz=-60&_hottopic=&sn=1&sv=B9TXoQBUtYIhDunynEdKcsnDgadwO&sd=1&im=067b0ff3&_
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.67.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-67-161.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
563c6d6c-a9ec-41aa-8ccd-73dcdb17c8eb.js
d2s8wlbatk24s7.cloudfront.net/service/js/ 		44 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/563c6d6c-a9ec-41aa-8ccd-73dcdb17c8eb.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7e00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c568aa6ebfcf9cc9d424652cc7427424bb0cc67bc24c97bb56c9bfe106bf8fc2

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:24:08 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
2420
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
*
x-amz-cf-id
O21FHIqKQ77WAneqASbSzN3tOR2bVIAN8ZIlUtW7oHFBcONsSo7XQw==
via
1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		151 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=sltrib.com&domain=sltrib.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
471b921e9d77b6022ec8a813db6cf5ec9f7ccd052cf179a1ef46ac1e1fb99920

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
gzip
age
2361
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
expires
Fri, 26 Feb 2021 00:25:06 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
x-cache-hits
1
accept-ranges
bytes
x-timer
S1614474268.363187,VS0,VE0
content-length
124
via
1.1 varnish (Varnish/6.0), 1.1 varnish
x-served-by
cache-fra19123-FRA
pubads_impl_2021022301.js
securepubads.g.doubleclick.net/gpt/ 		290 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Feb 2021 09:41:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104129
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:28 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		115 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/apstag.js?d=183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:01:11 GMT
content-encoding
gzip
server
Server
age
196
etag
d7c8ebbead57940cf77ae4183f7ff01a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
pkiOsnrw5ub40d2SPOSAjPBBoA7O4uIM
x-amz-cf-id
J25ISeLx732jg0aZ3b5nPxCO8pGtUK5xalY5NPLrjrhMDJGSGCQKOg==
connatix.playspace.dc.js
cds.connatix.com/p/104830/ Frame A87A
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/104830/connatix.playspace.dc.js
1 MB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/104830/connatix.playspace.dc.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1c5e3c6cadffb411882e2eec422c52f8352d7b4b1860b12fbf19794372b488

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
LbqrFvQEvvOZDEctWfzCO7WUAbSEkLu_
via
1.1 varnish, 1.1 varnish
etag
"e726a00bbd9a84fef0a6550cc1cd0298"
age
118121
x-cache
HIT, HIT
x-amz-replication-status
FAILED
content-encoding
br
content-length
225757
x-served-by
cache-dca17723-DCA, cache-hhn4078-HHN
last-modified
Fri, 26 Feb 2021 16:12:15 GMT
x-timer
S1614474269.627103,VS0,VE0
date
Sun, 28 Feb 2021 01:04:28 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 2184

Redirect headers

date
Sun, 28 Feb 2021 01:04:28 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-fra19136-FRA
x-cache
HIT
location
https://cds.connatix.com/p/104830/connatix.playspace.dc.js
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1614474268.488371,VS0,VE1
content-length
0
retry-after
0
x-cache-hits
0
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/ad-blocker.js?d=183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2500
content-type
application/javascript
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
A27C212E2231D899
x-amz-id-2
1cd2S2WOvb8G1v6HhOOni90/eIlZtIGi7dwRoYQbHPFhDHUXZRY7neebruxV0Y4+WgfDzXsJLfY=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2lq4s7u1IWOYz6Mw74n9ojCeV2ALJLoa7qlcbeT8ahFFcWN%2FCbNpB%2BhN5ctxWoxcsg%2Bxq7v%2Fy6EGQj%2FZ5qXwZnfArIpLJCdhI67iaEDoXp5FYPYfOyspufHi%2FcA%3D"}],"max_age":604800}
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cache-control
max-age=28800
cf-request-id
0887c3670f00002bb96b211000000001
cf-ray
62863b51b97c2bb9-FRA
load
experience.tinypass.com/xbuilder/experience/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=vxCIN3E3cT
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/piano.js?d=183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
281a1c5996dabee532e69c0be0d9bdef31178f9eb492bd9d96a3d69083894889
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
0887c3670f00004ea9b634f000000001
x-request-id
Cgbs7pqxZXP
wn
prod-exp-10-0-114-236
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
62863b51b9a74ea9-FRA
expires
Sun, 28 Feb 2021 01:34:28 GMT
js
www.googletagmanager.com/gtag/ 		137 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DC2TJEE08T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7ddda0b1a65bff2e149ce6fdfd817fea14533264ec63fef859a9749da0bf917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53685
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:28 GMT
186212-190626348116582.js
js-sec.indexww.com/ht/p/ 		174 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aab755a7ebc3c306f844d515294db41a8dd3fb0eda932379fe8d055d5676d4a3

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Feb 2021 01:01:44 GMT
Server
Apache
ETag
"da47a2-2b8b9-5bc5b0b78c385"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3599
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Sun, 28 Feb 2021 02:04:28 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 7BE0
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

:method
GET
:authority
pixel.sitescout.com
:scheme
https
:path
/dmp/asyncPixelSync
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date
Sun, 28 Feb 2021 01:04:28 GMT
server
AC1.1

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
Go4aC0tCINQBhmpZt7Grm2qkpz2JmsLpHjOekrRK1MK1P2OOblsPRV3mJQa9DcmeQGWwzn7Wd49K/18TCKFZAA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sun, 28 Feb 2021 01:04:28 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-xss-protection
0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
pushly-sdk.min.js
cdn.p-n.io/ 		342 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=8TvuqyAv5q0L7mPKRbEHz1EQbjDrAwgM2XRu
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-112.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49277717f8500aea66abf6ea218a3b5803007a92b85871559de84e2c3cc0a26b

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:57:07 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 05:10:25 GMT
server
AmazonS3
age
474
etag
W/"3404192dc7515feb2cf333ef1e27b685"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
AeE8Qcde12LrBrF3FfTjJH3XmrSHmu0ZP1geMLfkPsyj20nRIEfqZQ==
profitwell.js
public.profitwell.com/js/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.profitwell.com/js/profitwell.js?auth=82e6ad69346e9e0366f6aa2b465e0006
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80bcead65b21332a5c581789ab06bd727d463245380d4dfd8eca39c4fa984e28

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
eDjRTmmKGoNeXWxLh2hR_WusYq5Ae6b8
content-encoding
gzip
last-modified
Wed, 16 Dec 2020 17:24:12 GMT
server
AmazonS3
age
78717
etag
W/"68ecf2966ea0fb6ccb3de5d40ab6fcc1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
cache-control
public,max-age=86400
date
Sat, 27 Feb 2021 22:05:25 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
5co0ndQzt8n_LHYXOJkBHNVrl6CtA75bUHmQFWuHdHkSiO9jz2qvKw==
1ea036853c174e3a
clickserv.sitescout.com/conv/
Redirect Chain
  • https://clickserv.basis.net/conv/1ea036853c174e3a
  • https://clickserv.sitescout.com/conv/1ea036853c174e3a
43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clickserv.sitescout.com/conv/1ea036853c174e3a
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.189 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:28 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-type
image/gif
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://clickserv.sitescout.com/conv/1ea036853c174e3a
content-length
0
adsct
t.co/i/ 		43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o0jhs&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.sltrib.com%2F
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
111
pragma
no-cache
last-modified
Sun, 28 Feb 2021 01:04:28 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
3e9dad43db5e825e4ae343b074e385f5
x-transaction
0066fb4e00d8134f
expires
Tue, 31 Mar 1981 05:00:00 GMT
3047781918617987
connect.facebook.net/signals/config/ 		241 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3047781918617987?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a1419499ded1c624e28100c68d2749057dcf47f4ba37e24567d657e491c1e97f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
cj6M1aTgWRc0EsU46htdaalRwI7GaYWoGmOy7e8czBYVLIUFdS/Vv+jZD8zT1mrQRB2Y+e/tnwlM+OMz8Hfk4A==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 28 Feb 2021 01:04:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
63 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DC2TJEE08T&gtm=2oe2h0&_p=1997287500&sr=1600x1200&ul=en-us&cid=318633835.1614474268&_s=1&dl=https%3A%2F%2Fwww.sltrib.com%2F&dt=The%20Salt%20Lake%20Tribune&sid=1614474268&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DC2TJEE08T&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adservice.google.com/ddm/fls/i/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib... Frame E635 		485 B
594 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/activityi;dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef6ef3ca242df0770d74e3e8e8a048f43099db623fab406b35e007bd1552d698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8234312.fls.doubleclick.net/activityi;dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://8234312.fls.doubleclick.net/activityi;dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 28 Feb 2021 01:04:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
376
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adservice.google.com/ddm/fls/i/dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib... Frame 08B1 		485 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Requested by
Host: 8208269.fls.doubleclick.net
URL: https://8208269.fls.doubleclick.net/activityi;dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bd32ad05682d971a4958e90a62ee2b56726f8637198857301fc12e32e5df05e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8208269.fls.doubleclick.net/activityi;dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://8208269.fls.doubleclick.net/activityi;dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839?

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 28 Feb 2021 01:04:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
373
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adsct
analytics.twitter.com/i/ 		31 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o0jhs&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.sltrib.com%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
115
pragma
no-cache
last-modified
Sun, 28 Feb 2021 01:04:28 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f029d4dfaaf87309b318a444c61c8a5d
x-transaction
0052bc7d0009bbfa
expires
Tue, 31 Mar 1981 05:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
45981
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 29 Jan 2021 06:42:57 GMT
server
AmazonS3
date
Sat, 27 Feb 2021 12:18:18 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
VTS7ZwU6rmT1PbaJ_ytHQ6rFW-guwTaMb0du2_lUCSD4Fdxvuw_Xmw==
O73DGDAGCRBEBC3CPDEP6QURRY.JPG
www.sltrib.com/resizer/cshRBYSsWxOfPm0SvrK_4QIpIGo=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/cshRBYSsWxOfPm0SvrK_4QIpIGo=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/O73DGDAGCRBEBC3CPDEP6QURRY.JPG
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
ca066ac2cfdf17c1c21a9bc6d204e5d7c278d93985bc1d7344d00d8162624869
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"f10248d81046bf5136419462c58dd468938bc042"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31515238
date
Sun, 28 Feb 2021 01:04:29 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=-320, origin; dur=687
x-akamai-note
original-image
content-length
21551
expires
Sun, 27 Feb 2022 19:18:27 GMT
3KPCZHJA75FQ7LSN6T2SKZPNCA.jpg
www.sltrib.com/resizer/-n3FDfRbhlX3nyn2PQaGj20w2gA=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/-n3FDfRbhlX3nyn2PQaGj20w2gA=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/3KPCZHJA75FQ7LSN6T2SKZPNCA.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
b3b99beb98a945af8bcf64599f394cc282883de0d329ba80081bf210c51c1c8c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"3e1131c5d430aa682a60dc40ac99816187056a1b"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31501130
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=-487, origin; dur=622
x-akamai-note
original-image
content-length
22354
expires
Sun, 27 Feb 2022 15:23:18 GMT
VWC2ZYVQ6FHOJOYDPXHC6FC46I.jpg
www.sltrib.com/resizer/e5gSMGTQEcFBhTOLvYz39gsZbeg=/600x400/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/e5gSMGTQEcFBhTOLvYz39gsZbeg=/600x400/cloudfront-us-east-1.images.arcpublishing.com/sltrib/VWC2ZYVQ6FHOJOYDPXHC6FC46I.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
b5b7a95a9dfcdaf606e01cf3f9e0fc100cf051907967e1f6656bf3a1c4abec45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"d788b67e0b7d5652bed0909afee0a9e6f9041f8e"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31530315
date
Sun, 28 Feb 2021 01:04:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=129
x-akamai-note
original-image
content-length
41274
expires
Sun, 27 Feb 2022 23:29:43 GMT
MLQIJKSVHFAHJPDLLDRGQT27DM.jpg
www.sltrib.com/resizer/JVDgFYTn-FLsK1ib2NSYbzA8yV4=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/JVDgFYTn-FLsK1ib2NSYbzA8yV4=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/MLQIJKSVHFAHJPDLLDRGQT27DM.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
f44b31bfc8dd2110d060f10ede8c0b22c5739ce85151d029bbb3ad391a0ab845
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"8aee71fa064bebd447f196cdbb8cd6e08730eb56"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31494659
date
Sun, 28 Feb 2021 01:04:29 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=273
x-akamai-note
original-image
content-length
25936
expires
Sun, 27 Feb 2022 13:35:28 GMT
WXT2CJ7NGVCNVIPJAUGSWXK74Y.jpg
www.sltrib.com/resizer/GfsKY-_oo1OcpHRqV1ZXhJKvoJs=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/GfsKY-_oo1OcpHRqV1ZXhJKvoJs=/366x244/cloudfront-us-east-1.images.arcpublishing.com/sltrib/WXT2CJ7NGVCNVIPJAUGSWXK74Y.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
50ea306caad273fb96189b9b3515e1711dfc5b3b4620bbac4358398777374616
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;, upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
arc-country
DK
etag
"ca03d0b78743de64b6906be6c20e1ffbac10eafc"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=31519523
date
Sun, 28 Feb 2021 01:04:29 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=-127, origin; dur=415
x-akamai-note
original-image
content-length
15035
expires
Sun, 27 Feb 2022 20:29:52 GMT
/
8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www... Frame 1310
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www...
  • https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=htt...
845 B
797 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8234312.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/ddm/fls/i/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://adservice.google.com/ddm/fls/i/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 28 Feb 2021 01:04:28 GMT
expires
Sun, 28 Feb 2021 01:04:28 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
506
x-xss-protection
0
set-cookie
IDE=AHWqTUmsp9gFEFk_4ac5UT0AFQCoD_E8_di2fewZ8UT_FbkCl144kOfvBuJWGSJYpwk; expires=Fri, 25-Mar-2022 01:04:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 28 Feb 2021 01:04:28 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
adservice.google.de/ddm/fls/i/dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.... Frame C5B7 		194 B
877 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/ddm/fls/i/dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://adservice.google.com/ddm/fls/i/dc_pre=CKPQi6qxi-8CFcpEGwodt0sKtw;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 28 Feb 2021 01:04:28 GMT
expires
Sun, 28 Feb 2021 01:04:28 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
tinypass.min.js
cdn.tinypass.com/api/ 		397 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=vxCIN3E3cT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abf570aeae62b7ce75f12a8db69d6afeea7d2fc617f266ba6c7ca59390c664c5
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
101
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
0887c3688e00004ea9b635d000000001
wn
prod-dash-10-0-87-89
last-modified
Fri, 26 Feb 2021 17:16:10 GMT
server
cloudflare
etag
W/"406902-1614359770000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript
server-time
0.000
cache-control
public, max-age=300
cf-ray
62863b541bc24ea9-FRA
expires
Sun, 28 Feb 2021 01:09:28 GMT
/
www.facebook.com/tr/ 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3047781918617987&ev=PageView&dl=https%3A%2F%2Fwww.sltrib.com%2F&rl=&if=false&ts=1614474268818&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614474268816.1205924955&it=1614474268440&coo=false&rqm=GET
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 28 Feb 2021 01:04:28 GMT
cx.cce.js
cdn.cxense.com/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9b18e7bfca8064c887385c5cf57bdbcb6f7d263d0fb9cb320d94bc1f82a62a7c

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Feb 2021 15:28:34 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5903
Expires
Sun, 28 Feb 2021 02:04:28 GMT
execute
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/execute?aid=vxCIN3E3cT
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225be4786a72f5082833b923c8b2aa2c438f8e1dcf0c825e06dfa13df9052ef3
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 28 Feb 2021 01:04:29 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
0887c368f600004ea95d0e1000000001
x-request-id
Chbs7pqcUtI
pragma
no-cache
wn
prod-exp-10-0-116-170
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
62863b54bc754ea9-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
cx.js
cdn.cxense.com/ 		110 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bb32ac1bd9c989297c96b396deef0f68ec7bdd92c2e1e7aa2482ac44380e8317

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Feb 2021 14:21:21 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26560
Expires
Sun, 28 Feb 2021 02:04:28 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame D412
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

:method
GET
:authority
pixel.sitescout.com
:scheme
https
:path
/dmp/asyncPixelSync
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/

Response headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date
Sun, 28 Feb 2021 01:04:28 GMT
server
AC1.1

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
9f30138796dc7a6a
pixel.sitescout.com/iap/ Frame 1310
Redirect Chain
  • https://pixel-a.basis.net/iap/9f30138796dc7a6a
  • https://pixel.sitescout.com/iap/9f30138796dc7a6a
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/9f30138796dc7a6a
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CPPwi6qxi-8CFU0UGwodI1EKGg;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7854641983486.839;~oref=https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/iap/9f30138796dc7a6a
content-length
0
publishertag.js
static.criteo.net/js/ld/ 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:29 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:30 GMT
server
nginx
etag
W/"6034e04e-1c974"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 01 Mar 2021 01:04:29 GMT
identity
api.rlcdn.com/api/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
148.207.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 28 Feb 2021 01:04:29 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		109 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186212
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.225.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a6af924b608288bebdda417d82bd8e069cc6623ec6351bbf31aa95b55265166b

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 28 Feb 2021 01:04:29 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 30 Mar 2021 01:04:29 GMT
up
insight.adsrvr.org/track/ Frame 83CC 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=5vq8sv1&ref=https%3A%2F%2Fwww.sltrib.com%2F&upid=o6m9dvt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.61.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=5vq8sv1&ref=https%3A%2F%2Fwww.sltrib.com%2F&upid=o6m9dvt&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

date
Sun, 28 Feb 2021 01:04:29 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
syncframe
gum.criteo.com/ Frame C103 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.sltrib.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.sltrib.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
2406
date
Sun, 28 Feb 2021 01:04:28 GMT
content-length
0
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3047781918617987&ev=Microdata&dl=https%3A%2F%2Fwww.sltrib.com%2F&rl=&if=false&ts=1614474269339&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Salt%20Lake%20Tribune%22%2C%22meta%3Adescription%22%3A%22Utah%27s%20independent%20nonprofit%20news%20source%20covers%20news%2C%20politics%2C%20faith%2C%20arts%20and%20sports%20for%20Salt%20Lake%20City%20and%20Utah.%20Read%20Pulitzer%20Prize-winning%20journalism.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22The%20Salt%20Lake%20Tribune%22%2C%22og%3Atitle%22%3A%22The%20Salt%20Lake%20Tribune%20-%20Utah%20News%2C%20Sports%2C%20Religion%20%26%20Entertainment%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fpf%2Fresources%2Fimg%2Fsltrib_facebook_card.png%3Fd%3D183%22%2C%22og%3Adescription%22%3A%22Utah%27s%20independent%20nonprofit%20news%20source%20covers%20news%2C%20politics%2C%20faith%2C%20arts%20and%20sports%20for%20Salt%20Lake%20City%20and%20Utah.%20Read%20Pulitzer%20Prize-winning%20journalism.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsltrib.com%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22https%3A%2F%2Fwww.sltrib.com%22%2C%22logo%22%3A%22http%3A%2F%2Flocal.sltrib.com%2Fmarketing%2Ftribune_T.png%22%7D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22name%22%3A%22Education%22%2C%22item%22%3A%22https%3A%2F%2Fsltrib.com%2Fnews%2Feducation%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614474268816.1205924955&it=1614474268440&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 28 Feb 2021 01:04:29 GMT
rep.gif
scomcluster.cxense.com/Repo/ 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scomcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=klogamlde3rg38d7&acc=0&sid=1128453729513347938&loc=https%3A%2F%2Fwww.sltrib.com%2F&gol=&pgn=&new=0&arf=0&ltm=1614474268958&ref=&tzo=-60&res=1600x1200&dpr=1&col=24&jav=0&bln=en-US&chs=UTF-8&cks=klogamy54mec8261&ckp=klogamlo3d2gielg&glb=&wsz=1600x1200&cp_userState=anon&cp_ver=2.40&cp_testGroup=89&fls=0&flv=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
de715.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:29 GMT
Server
Jetty(9.4.28.v20200408)
P3P
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/j/ 		4 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1997287500&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sltrib.com%2F&ul=en-us&de=UTF-8&dt=The%20Salt%20Lake%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEABAAAAAC~&jid=1374267849&gjid=1593200125&cid=318633835.1614474268&tid=UA-26935592-1&_gid=1136432078.1614474268&_r=1&_slc=1&cd3=Homepage&cd7=anon&z=904629579
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-26935592-1&cid=318633835.1614474268&jid=1374267849&gjid=1593200125&_gid=1136432078.1614474268&_u=aGBAAEAAAAAAAC~&z=1942810617
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 28 Feb 2021 01:04:29 GMT
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-26935592-1&cid=318633835.1614474268&jid=1374267849&_u=aGBAAEAAAAAAAC~&z=911423030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-26935592-1&cid=318633835.1614474268&jid=1374267849&_u=aGBAAEAAAAAAAC~&z=911423030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1538e3b9cb885329d7ec37ef73e34053f4b55174a738028bd62a83e25d48c9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6355
x-xss-protection
0
server
cafe
etag
18225610270060991024
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 28 Feb 2021 01:20:03 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2F&pid=ekaWyOUlbzAt0&cb=0&ws=1600x1200&v=7.59.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FHome%2Fundefined%22%7D%5D&cfgv=0&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
bskrJ1j7hTld8bReAy3jZtNkU1K84qFCW1KnXIGmDgUMxRlWJ3egqQ==
integrator.js
adservice.google.dk/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1373389036586476&correlator=2747699233092667&output=ldjh&impl=fif&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=89799359%2Cnew_sltrib.com%2CHome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=SLT-NEW-POS%3Dleaderboard_hp_atf%2Cleaderboard_hp_atf%26div%3Dsltrib-promo-1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1614474249&dt=1614474270686&dlt=1614474267911&idt=589&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=16&adks=2792047822&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90&msz=728x-1&ga_vid=318633835.1614474268&ga_sid=1614474271&ga_hid=1997287500&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
3886d7f39ab72badd9388dfdce2130f50d5ee21f8c8250fe5ca51b3e90e84766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2507
x-xss-protection
0
google-lineitem-id
5111211099
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138270802042
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2F&pid=ekaWyOUlbzAt0&cb=1&ws=1600x1200&v=7.59.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FHome%2Fundefined%22%7D%5D&cfgv=0&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
wZ0JDdzd06NNEBHrwgj0Jz51E_uXbzPJXZHkDyFVhNZ97zttAEva_A==
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1373389036586476&correlator=2747699233092667&output=ldjh&impl=fif&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=89799359%2Cnew_sltrib.com%2CHome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=SLT-NEW-POS%3Dmob_cube1%26div%3Dsltrib-promo-2&cookie_enabled=1&bc=31&abxe=1&lmt=1614474249&dt=1614474270700&dlt=1614474267911&idt=589&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1804718113&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=318633835.1614474268&ga_sid=1614474271&ga_hid=1997287500&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ce0da7e2caf1690a740ce621a80b23239b2563da6c0e4a67cd23680152cdf7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2501
x-xss-protection
0
google-lineitem-id
5111211108
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138270937504
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2F&pid=ekaWyOUlbzAt0&cb=2&ws=1600x1200&v=7.59.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FHome%2Fmob_cube2%22%7D%5D&cfgv=0&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
k5J-ePBFE_gOwc_mMJ68qJJr7R6MPvtBxahb3bkdnNFDyuYsCDvMbQ==
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1373389036586476&correlator=2747699233092667&output=ldjh&impl=fif&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=89799359%2Cnew_sltrib.com%2CHome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=SLT-NEW-POS%3Dmob_cube2%2Cmob_cube2%2Cmob_cube2%26div%3Dsltrib-promo-3&cookie_enabled=1&bc=31&abxe=1&lmt=1614474249&dt=1614474270708&dlt=1614474267911&idt=589&frm=20&biw=1600&bih=1200&oid=3&adxs=1077&adys=248&adks=3590441876&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=318633835.1614474268&ga_sid=1614474271&ga_hid=1997287500&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
32d08a761899ea21cb8e5f46fd14e1e3aa3fb05df6d98499600c3831d86f6857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11769
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2F&pid=ekaWyOUlbzAt0&cb=3&ws=1600x1200&v=7.59.00&t=2000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FHome%2Fbb1%22%7D%5D&cfgv=0&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
n4ky-G2Taj0G58-CVOTEMZ-htjjpeThNvJw98_k0lHKY6pbRXArsvw==
ads
securepubads.g.doubleclick.net/gampad/ 		65 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1373389036586476&correlator=2747699233092667&output=ldjh&impl=fif&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=89799359%2Cnew_sltrib.com%2CHome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=SLT-NEW-POS%3Dmob_cube3%2Cleaderboard1%2Cbb1%26div%3Dsltrib-promo-4&cookie_enabled=1&bc=31&abxe=1&lmt=1614474249&dt=1614474270716&dlt=1614474267911&idt=589&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=972&adks=2171281020&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250&msz=970x-1&ga_vid=318633835.1614474268&ga_sid=1614474271&ga_hid=1997287500&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
09365e3612d2c491e2830f5e8fb71f310d99e4ad8ee640a2e1f0bb81830374da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13255
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2F&pid=ekaWyOUlbzAt0&cb=4&ws=1600x1200&v=7.59.00&t=2000&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FHome%2Fbb2%22%7D%5D&cfgv=0&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Y3VDRoAjCcp2RG8rTj1whDJKlhATdowsnQ7rNbTluSKMqjPyoHTx7g==
ads
securepubads.g.doubleclick.net/gampad/ 		81 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1373389036586476&correlator=2747699233092667&output=ldjh&impl=fif&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=89799359%2Cnew_sltrib.com%2CHome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=SLT-NEW-POS%3Dmob_cube4%2Cleaderboard2%2Cbb2%26div%3Dsltrib-promo-5&cookie_enabled=1&bc=31&abxe=1&lmt=1614474249&dt=1614474270724&dlt=1614474267911&idt=589&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1955&adks=3436275082&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1250x250&msz=970x-1&ga_vid=318633835.1614474268&ga_sid=1614474271&ga_hid=1997287500&fws=0&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
530c3fbf616958c8b72743289b58268410c9c281f50429cb564ec9329aab8edc
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15776197570356021461/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15776197570356021461/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLy86quxi-8CFdW43godHRkL1w&gqi=&layout=/sadbundle/%24csp%253Der3%24/15776197570356021461/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15776197570356021461/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15776197570356021461/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLy86quxi-8CFdW43godHRkL1w&gqi=&layout=/sadbundle/%24csp%253Der3%24/15776197570356021461/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26187
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Sun, 28 Feb 2021 01:04:32 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
arj
sltrib-d.openx.net/w/1.0/
Redirect Chain
  • https://sltrib-d.openx.net/w/1.0/arj?auid=540769366&aus=970x250&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headerta...
  • https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769366&aus=970x250&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.hea...
232 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769366&aus=970x250&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._mTHeoe9s&cache=1614474270730&ttduuid=cc897bc1-4153-41f1-be3c-11ad11109557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
c6a6a422ca749be86f5d83b8d2e38646adc1c8164f58f2d06a0ec82fa6a874ad

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:30 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
218
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 28 Feb 2021 01:04:30 GMT
via
1.1 google
server
OXGW/16.202.0
location
https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769366&aus=970x250&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._mTHeoe9s&cache=1614474270730&ttduuid=cc897bc1-4153-41f1-be3c-11ad11109557
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21318&size_id=57&rp_floor=0.01&rf=https%3A%2F%2Fwww.sltrib.com%2F&p_screen_res=1600x1200&site_id=277252&zone_id=1385314&kw=rp.fastlane&tk_flint=index&rand=0.6298274540753199
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
94cdb64a6df3ecad884b92b10669fc2fe9b6c80fb813ef2a4fe7d1db152d5691

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:30 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:30 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.145:80
AN-X-Request-Uuid
aa8610ad-2115-42f7-b6b9-be92f440b38c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		66 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=229483&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A50610297%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2226%22%2C%22siteID%22%3A%22347966%22%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cc897bc1-4153-41f1-be3c-11ad11109557%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-02-28T01%3A04%3A29%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
66514d6a5dea76d892266379828937241e0db80c26582c063d5e639333b270f8

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:30 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DK], RC:[], CN:[EU], CIP:[82.102.20.235], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
86
x-ak-client-geo
10
expires
Sun, 28 Feb 2021 01:04:30 GMT
cdb
bidder.criteo.com/ 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=105&profileId=154&cb=67033194879
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Sun, 28 Feb 2021 01:04:29 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
ortb
bid.contextweb.com/header/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Feb 2021 01:04:30 GMT
server
envoy
cwdl
22/4211
access-control-allow-origin
https://www.sltrib.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
cw-server
bid-deployment-584d8dd44b-d66mc
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2F&pid=ekaWyOUlbzAt0&cb=5&ws=1600x1200&v=7.59.00&t=2000&slots=%5B%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FHome%2Fbb3%22%7D%5D&cfgv=0&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
vt75rKvRPoFoVNT38T0rWZEA2RKSArHpRpXfuFg-wVbKO-dEwsAeMg==
cdb
bidder.criteo.com/ 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=105&profileId=154&cb=21560266871
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Sun, 28 Feb 2021 01:04:30 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
ortb
bid.contextweb.com/header/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Feb 2021 01:04:30 GMT
server
envoy
cwdl
22/4211
access-control-allow-origin
https://www.sltrib.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
cw-server
bid-deployment-584d8dd44b-ljttc
arj
sltrib-d.openx.net/w/1.0/
Redirect Chain
  • https://sltrib-d.openx.net/w/1.0/arj?auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headerta...
  • https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.hea...
232 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._TSh1g2aq&cache=1614474270742&ttduuid=cc897bc1-4153-41f1-be3c-11ad11109557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
88150d8853079744a305c68c7f5b7ef0609f4dc7fe3a5a2e38edf0cd21402a74

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:30 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
218
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 28 Feb 2021 01:04:30 GMT
via
1.1 google
server
OXGW/16.202.0
location
https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._TSh1g2aq&cache=1614474270742&ttduuid=cc897bc1-4153-41f1-be3c-11ad11109557
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:30 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid
5853d3fe-00c8-4b20-a940-dae46ae27fc8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21318&size_id=10&rp_floor=0.01&rf=https%3A%2F%2Fwww.sltrib.com%2F&p_screen_res=1600x1200&site_id=277252&zone_id=1385348&kw=rp.fastlane&tk_flint=index&rand=0.9345309112012588
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d5a85d731ebd57ab35aa30ebeddc68c59c5d6e5f77b75deb4943100f8dcb8968

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:30 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		65 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=229483&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A6529022%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%229%22%2C%22siteID%22%3A%22347969%22%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cc897bc1-4153-41f1-be3c-11ad11109557%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-02-28T01%3A04%3A29%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9109b5c121842a9b8ab69a6133097f8826e9971be37ed5b8877f4cfcd7f1c1f8

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:30 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DK], RC:[], CN:[EU], CIP:[82.102.20.235], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
85
x-ak-client-geo
10
expires
Sun, 28 Feb 2021 01:04:30 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2F&pid=ekaWyOUlbzAt0&cb=6&ws=1600x1200&v=7.59.00&t=2000&slots=%5B%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FHome%2Fmonster1%22%7D%5D&cfgv=0&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
MNSS9_rsZW2qP-oVhQUrIlszm4qN5vmKmtAmO-IwZ4ux6jNECERClw==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2F&pid=ekaWyOUlbzAt0&cb=7&ws=1600x1200&v=7.59.00&t=2000&slots=%5B%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FHome%2Fbb4%22%7D%5D&cfgv=0&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:30 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
tQHELwOT3nnsRv3ppSoMKiip7OUGJk4-fUlCbyqkhRpaLeFlkNKNjw==
ads
securepubads.g.doubleclick.net/gampad/ 		68 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1373389036586476&correlator=2747699233092667&output=ldjh&impl=fif&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=89799359%2Cnew_sltrib.com%2CHome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=SLT-NEW-POS%3Dmod_cube7%2Cleaderboard4%2Cbb4%26div%3Dsltrib-promo-8&cookie_enabled=1&bc=31&abxe=1&lmt=1614474249&dt=1614474270752&dlt=1614474267911&idt=589&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=4330&adks=2137477007&ucis=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1290x435&msz=970x-1&ga_vid=318633835.1614474268&ga_sid=1614474271&ga_hid=1997287500&fws=0&ohw=0&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
c5db7c87a0421340bc7fed02fd0d08e7685f34bfe4c33b8c9ca62ae55245cfcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14095
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2F&pid=ekaWyOUlbzAt0&cb=8&ws=1600x1200&v=7.59.00&t=2000&slots=%5B%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%221140x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FHome%2Fdesktop_banner_fixed%22%7D%5D&cfgv=0&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
GgtnS4SNlbrMhSdieNsZPBYDu0rjmw0VvPTRR1JK-b17lIKIPeSEIw==
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1373389036586476&correlator=2747699233092667&output=ldjh&impl=fif&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=89799359%2Cnew_sltrib.com%2CHome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1140x90&prev_scp=SLT-NEW-POS%3Dmob_banner_fixed%2Cdesktop_banner_fixed%2Cdesktop_banner_fixed%26div%3Dsltrib-promo-99&cookie_enabled=1&bc=31&abxe=1&lmt=1614474249&dt=1614474270761&dlt=1614474267911&idt=589&frm=20&biw=1600&bih=1200&oid=3&adxs=230&adys=1110&adks=1607307675&ucis=7&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1140x-1&ga_vid=318633835.1614474268&ga_sid=1614474271&ga_hid=1997287500&fws=512&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
723ba37bf43995b73849ec2b15d7e18131de84f006a15079e288ba8b21adb037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8721
x-xss-protection
0
google-lineitem-id
5562456901
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138333942576
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sltrib.com&p=%2F&u=BQT0qyTvPubCsD89a&d=sltrib.com&g=65212&g0=home&g1=No%20Author&n=1&f=00001&c=0.04&x=0&m=0&y=5351&o=1600&w=1200&j=30&R=1&W=0&I=0&E=2&e=2&r=&b=665&t=DEIjK3oNI9EDWPPh9C7yeobBTl7Yb&V=122&tz=-60&_hottopic=&_acct=anon&sn=2&sv=B9TXoQBUtYIhDunynEdKcsnDgadwO&sd=1&im=067b0ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.67.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-67-161.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
events
bidder.criteo.com/csm/ 		0
144 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Sun, 28 Feb 2021 01:04:30 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/ 		0
144 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Sun, 28 Feb 2021 01:04:30 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
pd
eu-u.openx.net/w/1.0/ Frame 5D00 		1007 B
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
f2e2f67851f4764753ebe2da932d6ab75050c35a45f03f8924f8df756f70a48d

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=9032aab0-9605-0615-1fbd-0ee99aa13989|1614474270
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=9032aab0-9605-0615-1fbd-0ee99aa13989|1614474270; Version=1; Expires=Mon, 28-Feb-2022 01:04:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614474270|mOgegqnskin0vNomiygu; Version=1; Expires=Mon, 15-Mar-2021 01:04:30 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 28 Feb 2021 01:04:30 GMT
content-type
text/html
content-length
546
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame B134 		1007 B
851 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
f2e2f67851f4764753ebe2da932d6ab75050c35a45f03f8924f8df756f70a48d

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=9032aab0-9605-0615-1fbd-0ee99aa13989|1614474270
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=9032aab0-9605-0615-1fbd-0ee99aa13989|1614474270; Version=1; Expires=Mon, 28-Feb-2022 01:04:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614474271|mOgegqnskin0vNomiygu; Version=1; Expires=Mon, 15-Mar-2021 01:04:31 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 28 Feb 2021 01:04:31 GMT
content-type
text/html
content-length
546
content-encoding
gzip
via
1.1 google
alt-svc
clear
d759f3ad-af2e-abab-74bc-d0f401d1c73d
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5D00 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/d759f3ad-af2e-abab-74bc-d0f401d1c73d?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5D00
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=YGZMe7481LgavB5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=YGZMe7481LgavB5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:30 GMT
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-015d5badb48c29580@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=YGZMe7481LgavB5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 5D00
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ccea5f36-4cb1-4c96-a012-ef5e24f863ad&ssp=openx&gdpr=&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ccea5f36-4cb1-4c96-a012-ef5e24f863ad&ssp=openx&gdpr=&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ccea5f36-4cb1-4c96-a012-ef5e24f863ad&ssp=openx&gdpr=&gdpr_consent=
date
Sun, 28 Feb 2021 01:04:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 5D00
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABK4U7AddgAABHjBugagw
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABK4U7AddgAABHjBugagw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABK4U7AddgAABHjBugagw
Date
Sun, 28 Feb 2021 01:04:31 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame 5D00
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cd1c603a-ec1e-4a00-bb1a-e664256f7296
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cd1c603a-ec1e-4a00-bb1a-e664256f7296
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 28 Feb 2021 01:04:31 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cd1c603a-ec1e-4a00-bb1a-e664256f7296
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 28 Feb 2021 01:04:30 GMT
sd
us-u.openx.net/w/1.0/ Frame 5D00
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wAYlWZNVJ17bBi9bl1U7Ws4OJ1rbUCBbwVcsXVtf
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wAYlWZNVJ17bBi9bl1U7Ws4OJ1rbUCBbwVcsXVtf
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wAYlWZNVJ17bBi9bl1U7Ws4OJ1rbUCBbwVcsXVtf
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5D00
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1456520951409076440
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1456520951409076440
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1456520951409076440
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 5D00 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=439e95e9-3f82-39e2-456b-c601fe860a74&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.225.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5D00 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmZmMTQ2MjMtZjZmNS02NzQ2LTUwOGItOWNiODM0NjRjNDE0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5D00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFO8TjWmXsbLA0HDadY6Lsw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFO8TjWmXsbLA0HDadY6Lsw&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFO8TjWmXsbLA0HDadY6Lsw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.dk/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1373389036586476&correlator=2747699233092667&output=ldjh&impl=fif&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=89799359%2Cnew_sltrib.com%2CHome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=SLT-NEW-POS%3Dmob_cube5%2Cleaderboard3%2Cbb3%26div%3Dsltrib-promo-6%26amznbid%3D1%26amznp%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1614474249&dt=1614474271049&dlt=1614474267911&idt=589&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=2881&adks=2306831766&ucis=8&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1250x250&msz=970x-1&ga_vid=318633835.1614474268&ga_sid=1614474271&ga_hid=1997287500&fws=0&ohw=0&btvi=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
221aebf986f371cf684df33b63a5683c956c9b09b1d1ee14bbd553599a4a07ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10452
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1373389036586476&correlator=2747699233092667&output=ldjh&impl=fif&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=89799359%2Cnew_sltrib.com%2CHome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=SLT-NEW-POS%3Dmob_cube6%2Csky1%2Cmonster1%26div%3Dsltrib-promo-7%26amznbid%3D1%26amznp%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1614474249&dt=1614474271055&dlt=1614474267911&idt=589&frm=20&biw=1600&bih=1200&oid=3&adxs=1079&adys=3192&adks=590986981&ucis=9&ifi=9&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=416x625&msz=300x-1&ga_vid=318633835.1614474268&ga_sid=1614474271&ga_hid=1997287500&fws=0&ohw=0&btvi=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
192ba224f09038b86f932f3ee63c37c16d1df6ba66bd3173664d8287772514d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11296
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
headerstats
as-sec.casalemedia.com/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=229483&u=https%3A%2F%2Fwww.sltrib.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:33 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Sun, 28 Feb 2021 01:04:33 GMT
headerstats
as-sec.casalemedia.com/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=229483&u=https%3A%2F%2Fwww.sltrib.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:31 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Sun, 28 Feb 2021 01:04:31 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame 05B0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e29691cbd68d16dccf0cf82f7d292896167afa0cabb945b815a5d06c551e88b

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
AaVtUAIoqppbf9eVzQOMXcUvOiE4G38r
Content-Encoding
gzip
ETag
"c1bfef3061ab3fd25ec75d51366fff63"
Age
2845
X-Cache
HIT
Connection
keep-alive
Content-Length
9915
x-amz-id-2
ieay/1tO//TRwiMOJ3yrhGbm54ruYdw5xIDM6gpjpRdLMnGY2zAZOE9LOHxd6fCNCWmJ096Xdio=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Mon, 22 Feb 2021 22:14:04 GMT
Server
AmazonS3
X-Timer
S1614474271.088241,VS0,VE0
Date
Sun, 28 Feb 2021 01:04:31 GMT
Vary
Accept-Encoding
x-amz-request-id
6EC2423308D6EE49
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
54
view
securepubads.g.doubleclick.net/pcs/ Frame 05B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqbjdwO4la3eOyqHfVqSU277lm-WNr5XzSsS92xWvJh0guV_0640qcxVkDQcTLFmBD1XTXHvasSCJzeeOHirLd9Mncxi6zYHLHsnJuYGfD17Kx-xyXGJ4gdQjaf6LEjcQYzbcvze9WdU0c1tvDEIbpffSg4KzrgdaFLLQgsWrfxmCgcwc-8UUdzDsyAq2SZXrLYUEpv6C7QLgS3eXgMoTgXy-vAJGzQWPiOyzYJOKilRWgwHO8na5OHylWrdyDvPF9iBlJCaDhSx4c6VebMSHGozMWgaFU3gJiusmX1cVtn8twowp_hATZ8-DS0QQr&sig=Cg0ArKJSzJnOPOoOO2kcEAE&urlfix=1&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
RenderAd.aspx
ads3.mthsense.com/ Frame 05B0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads3.mthsense.com/RenderAd.aspx?id=3039&width=728&height=90
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.215.88.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fafa8d429406447fef33c160c3216c4822e2f7fa1ee2998bb863335ce8f460f0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:30 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
2887
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 05B0 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342950420569"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33470
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:31 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342938524533"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8483b277f6cd869c4918e0a34838d069c82bd141e2c8b20ff15b9be56fcc8df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6496
x-xss-protection
0
d759f3ad-af2e-abab-74bc-d0f401d1c73d
pr-bh.ybp.yahoo.com/sync/openx/ Frame B134 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/d759f3ad-af2e-abab-74bc-d0f401d1c73d?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B134
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LOnlo6Dw1LgavB5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LOnlo6Dw1LgavB5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:30 GMT
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0ae06fec161a2bbf2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LOnlo6Dw1LgavB5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B134
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=ccea5f36-4cb1-4c96-a012-ef5e24f863ad&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b7c275dc-53f3-479d-9022-e5a24dca3676&expires=1&user_group=5&ssp=openx&bsw_param=ccea5f36-4cb1-4c96-a012-ef5e24f863ad
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=ccea5f36-4cb1-4c96-a012-ef5e24f863ad
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=ccea5f36-4cb1-4c96-a012-ef5e24f863ad
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=ccea5f36-4cb1-4c96-a012-ef5e24f863ad
date
Sun, 28 Feb 2021 01:04:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame B134
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB6_E7AddgAABGK5aES5g
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB6_E7AddgAABGK5aES5g
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB6_E7AddgAABGK5aES5g
Date
Sun, 28 Feb 2021 01:04:31 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame B134
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00f2603a-ec1e-4600-9e01-c786f7940aaf
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00f2603a-ec1e-4600-9e01-c786f7940aaf
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 28 Feb 2021 01:04:31 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00f2603a-ec1e-4600-9e01-c786f7940aaf
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 28 Feb 2021 01:04:30 GMT
sd
us-u.openx.net/w/1.0/ Frame B134
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wAYlWZNVJ17bBi9bl1U7Ws4OJ1rbUCBbwVcsXVtf
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wAYlWZNVJ17bBi9bl1U7Ws4OJ1rbUCBbwVcsXVtf
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wAYlWZNVJ17bBi9bl1U7Ws4OJ1rbUCBbwVcsXVtf
pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B134
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8793350316744777700
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8793350316744777700
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8793350316744777700
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame B134 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=439e95e9-3f82-39e2-456b-c601fe860a74&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.225.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B134 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmZmMTQ2MjMtZjZmNS02NzQ2LTUwOGItOWNiODM0NjRjNDE0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B134
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFO8TjWmXsbLA0HDadY6Lsw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFO8TjWmXsbLA0HDadY6Lsw&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFO8TjWmXsbLA0HDadY6Lsw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame D436 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 28 Feb 2021 00:42:46 GMT
expires
Mon, 28 Feb 2022 00:42:46 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1305
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js
pagead2.googlesyndication.com/bg/ Frame D436 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 20:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
102458
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6212
x-xss-protection
0
expires
Sat, 26 Feb 2022 20:36:53 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame F0EF 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e29691cbd68d16dccf0cf82f7d292896167afa0cabb945b815a5d06c551e88b

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
AaVtUAIoqppbf9eVzQOMXcUvOiE4G38r
Content-Encoding
gzip
ETag
"c1bfef3061ab3fd25ec75d51366fff63"
Age
2845
X-Cache
HIT
Connection
keep-alive
Content-Length
9915
x-amz-id-2
ieay/1tO//TRwiMOJ3yrhGbm54ruYdw5xIDM6gpjpRdLMnGY2zAZOE9LOHxd6fCNCWmJ096Xdio=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Mon, 22 Feb 2021 22:14:04 GMT
Server
AmazonS3
X-Timer
S1614474271.261914,VS0,VE0
Date
Sun, 28 Feb 2021 01:04:31 GMT
Vary
Accept-Encoding
x-amz-request-id
6EC2423308D6EE49
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
55
view
securepubads.g.doubleclick.net/pcs/ Frame F0EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3rENrE2u5edeOQvgj1ZltxhHiIUFJx65c6YuWL8oRrmqhAhWtXU-0_sWhjcsxzOmOmmmRm3_qDbtNR4VVqQc4MmPcg-z2wrocK712KthT1ynNLMH2FUhEXjwIrYuMmQ6UD2uaSLqCr0sa8unhKTm0igqf-tvNta0oHuSYhwlYFGxoVOeeChPGQUY8gABlRVLC5xXjftftgidXSf6jxu4tydzX2JBmd7I9HE94n3RkUe6mYfEaodWlmw9-pw-_gPVv79ZeLtMXgkGoUXQauPd-vXcJImwzNdtIgrCbc0HHVxWMAqtAuJCYRw&sig=Cg0ArKJSzFQN_1sS88IdEAE&urlfix=1&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
RenderAd.aspx
ads3.mthsense.com/ Frame F0EF 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads3.mthsense.com/RenderAd.aspx?id=3038&width=300&height=250
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.215.88.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d57b2aa6f7093b17fd21255c92b47840c790b42e59cfd825be69822cb55cb9a

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:31 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
2929
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F0EF 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342950420569"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33470
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=1373389036586476&bg=!9Pel97TNAAXB_3NtwTsAKQB2-Dxa3gAmy8DQXIOMA0nFEgLXo8lDT9FYLSP7YiXzvpkt1pxynTzNAgAAAGVSAAAADWgBBwoAzTkii_NVz6iJQh8yTBaf6LICu5rrmCbYZenjcZkCJW3NS_GdqtruJjgyyx7zHmtg17azDAa9GYNonpLv0mVdkSDwwbKtJmZt9d2TFBP1YEN6HKBMVMMrhi0Wp2umfbUo_NuL2CCaF3VIUAssJTrM3UkdqWSKVMue0aDRMbhG-n2utscy7nDgJFnGRFSktfw3bEJEp2TdG5SAzw0JWRYaHm8euB61Ix9nrcQ-rLopoI6JxWA314B0LZrgEfk3q-DF10hQh4LkfTb-PUQ-8fiZAcnUPxBQHuhCO4_VD1AMjTsqrcHRErkv7tfYvzqH2ft-qSGx-tH8C2nyJ8uuJzHhAomBvd7sV9YhW1-yi-f_n7IqsojFv7rWNRKa9oHsujfe978KSe2xcAkidDnpMaQehZXuNR4sNy7LPbpCjCrMSizxof2hfOWjBa02Olpg_JaAp6cbDw5D-aaa8hzrIeqU7RKp76Gdk8QhzZCpjH0EeETdrkPI7fhGIBTVuHbF6zgA0DNCusYPWYY4lP6Ar4rGX42U-2Tbj5b9mCLeZYbgzk0UeUQ49fcc6LWxGMkVqvmHwvmadnHCERIsoxeqFLQBGYRh4sLdO2HRnMHo6JlwPP2YRzSrBjTAobog2dh5FwU8HGjC-gnFWpIddPTu_Sgf3rUM1WRum5oumOvkQKXUrH182y_pGP3b0a7TO0X8rY5kC9bmGmdy70vUTGQq4YsYD8TbclMjaensP9KmQKidxWHmTGsc0VS-zztnB7WIBx13ZO3eVRbAVoZNYlpXy7_E6DgA6g5HRLeYo-QbXHmrdAPCXFqvIkWDv3rKqIBvDFUMhss4FHoN1ShROvm34d_wBQuS4Jzre39RwKP4bYXmF2v_PhCXH3QMU86E
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame D1B1 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183461
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame D1B1 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183461
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame D1B1 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183461
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame D1B1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183461
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame D1B1 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183461
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
css
fonts.googleapis.com/ Frame D1B1 		6 KB
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 28 Feb 2021 00:54:20 GMT
server
ESF
date
Sun, 28 Feb 2021 01:04:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Feb 2021 01:04:31 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/10054370647953863804/ Frame D1B1 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10054370647953863804/2076313506083323656
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcde873c58ccfc91a09ca377c451cfc62a0e9625a9310d620cd8dc4b6a37b7f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 07:06:20 GMT
x-content-type-options
nosniff
age
151091
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17779
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 09:23:24 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 07:06:20 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/10119125617847697281/ Frame D1B1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10119125617847697281/downsize_200k_v1?w=100&h=100
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2600a444d02ea44ece37875df257d7551704d0ec84a06d2e0aa83b98fd30075d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 23:02:39 GMT
x-content-type-options
nosniff
age
180112
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1745
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 10:21:47 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 23:02:39 GMT
truncated
/ Frame D1B1 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D1B1 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
994de2e1426766358894752d3c206e9ef6d57ef4d71611c4cb39052d1d673e56

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D1B1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 20:46:55 GMT
x-content-type-options
nosniff
server
cafe
age
15456
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 28 Feb 2021 20:46:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D1B1 		295 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
10046
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 28 Feb 2021 22:17:05 GMT
l
www.google.com/ads/measurement/ Frame D1B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0yK8naNRcOIP6MtRfkAWpSDRkXFjmqw2F6HMVz5T8W9BT6-lrh7Mzm29CX7Aq6NC3Rm7k
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame D1B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=COtsCH-w6YMCMDf2nx_APwMeQkA6PurK7YeiB--L0DIzAtauuARABINHi_CJg0YG5gtAHoAGF7LPvA8gBCakCFpUii7zLhT7gAgCoAwHIAwqqBOYBT9C_fxw8Yf6pkU3vts4VWt2aM7ETNOuZnKbZjcWQNSYE1I3kSyT74s9h2p1JPj7rNapTmCBICN_KL0VOwHBbQMVYblLX-tATT9-ytE8AlZ7b-zlEJNhTQCpY0_QB_EEWBjGeu3grrh-zsmUs5OsTy18efXECCI6rZBbD2uvl7ANw7iKbD7cwgkK7DadPt1fGS5RVJHSIEUgVxvDqriEMu3XXtf-K4hvI8yo7pJAsJ2fdH6v19v6B-geyylxvIirQVPLQHpM5eTLGmx5wgnvx6CpHbFtBLvxA0y8H7g9pVWAMSeRq5Z3ABOWah-W2A-AEAZIFBAgEGAGSBQQIBRgEoAYugAfjk8wQqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPqPZdIICQiA4YBwEAEYHYAKAcgLAdgTDbIXGgoYCAASFHB1Yi03NzM4Njg1OTU3OTY5NjE2&sigh=MP8bhjdjFIM&template_id=484&tpd=AGWhJmu7KmHMLrckbpaqrWvFTO3qwPmGbRueVAWbVH-XlndGtA
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
connatix.playspace.css
cds.connatix.com/p/104830/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/104830/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66e105e2dc73920b9c8cdd39625e9d50c81c21ea1c88f665180433b54d962984

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
vtmIrsRreM3GazTLuTGcuya5EF2rUUDB
via
1.1 varnish, 1.1 varnish
etag
"22d986a00cc95379b1e0c7c0d0d9da94"
age
118124
x-cache
HIT, HIT
x-amz-replication-status
FAILED
content-encoding
br
content-length
14256
x-served-by
cache-dca17777-DCA, cache-hhn4078-HHN
last-modified
Fri, 26 Feb 2021 16:12:15 GMT
x-timer
S1614474272.705062,VS0,VE0
date
Sun, 28 Feb 2021 01:04:31 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
2, 13566
prebid4.7.0.js
storage.googleapis.com/rs-static/ Frame E299 		302 KB
303 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by
Host: ads3.mthsense.com
URL: https://ads3.mthsense.com/RenderAd.aspx?id=3039&width=728&height=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
age
0
x-guploader-uploadid
ABg5-UwDkH9w9CIYgbfTjvq6g15uS5ij2m48XH3u25hYdLtG1vHm3o6rnO4chZzt7QmAjYEBqV6SRJuEXjOwjOi2-fI
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309272
last-modified
Tue, 15 Sep 2020 19:30:03 GMT
server
UploadServer
etag
"6093877422c034fe300df8ed44d1e948"
x-goog-hash
crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation
1600198203919898
cache-control
public, max-age=3600
x-goog-stored-content-length
309272
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 28 Feb 2021 02:04:31 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame E299 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213b9ca5a900159a345f090a85fc24bed8dac9ed54fb205682469fecb53f12d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"797 / 746 of 1000 / last-modified: 1614381521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19359
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:31 GMT
/
includemodal.com/service/imp/563c6d6c-a9ec-41aa-8ccd-73dcdb17c8eb/ Frame 05B0 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/563c6d6c-a9ec-41aa-8ccd-73dcdb17c8eb/?rand=753535&referer=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 05B0 		42 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0efcbf11-0d8b-4048-b467-cb724bc41722&url=https://ads3.mthsense.com/RenderAd.aspx%3Fid%3D3039%26amp%253Bwidth%3D728%26amp%253Bheight%3D90&o=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 05B0 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0efcbf11-0d8b-4048-b467-cb724bc41722&url=https://storage.googleapis.com/rs-static/prebid4.7.0.js%3F&o=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
truncated
/ Frame 05B0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ada7ba5e01552a7732edca496b01c3f0a7466f897fe7682aa8a6faeeb6726d33

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D1B1 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sltrib.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 09:18:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
229579
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 25 Feb 2022 09:18:12 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D1B1 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sltrib.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 08:43:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
318071
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Thu, 24 Feb 2022 08:43:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 05B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveIwpoI2i5qOMQNIWwsiA25G83F77Z7-UaGcQgyZUO1VJj-pNDRO6XhtGp4nzHwbjwSdw2pOXp6rtisomI3bKdfsRkNHwMryr5HodTEvqHw2WnpdKAqbeoHUqOuvkp2Y-O2qSM2YjM5Azs5bOy0tc7IqAtisu3S97rm1oJgZ011OoSqdzzFxOLuWOgiO92aYuEJ9CwobYgrh1eivI5cuXMW_hGEUBfyIaT2jVd5CPqDbP_kEQAM4A8l07TEFJ175Z3AQhVejLn6ApxT6NvH38LVQmXW-uZv7YwJznqGaRSrNlG13DxMUBvSoKLPBaHNck&sig=Cg0ArKJSzC6N79YqdIKQEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:31 GMT
story
capi.connatix.com/core/ Frame A87A 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=104830
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.204.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c2b83ca50ea08106178668a97715a7fb9d048ff4b5c9131c2b2bfcaa17aad14d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 28 Feb 2021 01:04:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
pubads_impl_2021022301.js
securepubads.g.doubleclick.net/gpt/ Frame E299 		290 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Feb 2021 09:41:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104129
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:31 GMT
prebid4.7.0.js
storage.googleapis.com/rs-static/ Frame F5B0 		302 KB
303 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by
Host: ads3.mthsense.com
URL: https://ads3.mthsense.com/RenderAd.aspx?id=3038&width=300&height=250
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
age
0
x-guploader-uploadid
ABg5-UwDkH9w9CIYgbfTjvq6g15uS5ij2m48XH3u25hYdLtG1vHm3o6rnO4chZzt7QmAjYEBqV6SRJuEXjOwjOi2-fI
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309272
last-modified
Tue, 15 Sep 2020 19:30:03 GMT
server
UploadServer
etag
"6093877422c034fe300df8ed44d1e948"
x-goog-hash
crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation
1600198203919898
cache-control
public, max-age=3600
x-goog-stored-content-length
309272
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 28 Feb 2021 02:04:31 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame F5B0 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213b9ca5a900159a345f090a85fc24bed8dac9ed54fb205682469fecb53f12d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"797 / 738 of 1000 / last-modified: 1614381521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19359
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:31 GMT
/
includemodal.com/service/imp/563c6d6c-a9ec-41aa-8ccd-73dcdb17c8eb/ Frame F0EF 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/563c6d6c-a9ec-41aa-8ccd-73dcdb17c8eb/?rand=853830&referer=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame F0EF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0dfd2ed8-59d0-402b-ae31-10fbbf344e71&url=https://ads3.mthsense.com/RenderAd.aspx%3Fid%3D3038%26amp%253Bwidth%3D300%26amp%253Bheight%3D250&o=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame F0EF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0dfd2ed8-59d0-402b-ae31-10fbbf344e71&url=https://storage.googleapis.com/rs-static/prebid4.7.0.js%3F&o=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
bid
ap.lijit.com/rtb/ Frame E299 		24 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.7.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
f5ca1eef91f76fe51e9fc48125a6db15af66605176f45a807711fc110fc0e77f

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 28 Feb 2021 01:04:32 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
hb
ssc.33across.com/api/v1/ Frame E299 		65 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bFNDkc19ir6ikyaKkGJozW
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.248.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
922ec9881ffcd5035a7e8a021189d77ef51035ca1d1baae15cf949da07e03c6a

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
prebid
lockerdome.com/ladbid/ Frame E299 		11 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 28 Feb 2021 01:04:32 GMT
Content-Encoding
gzip
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
31
cygnus
htlb.casalemedia.com/ Frame E299 		24 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=303653&v=7.2&r=%7B%22id%22%3A%227707b161a89bc7%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22832fcbaa030a3f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303653%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.sltrib.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
284dfa2a20ad11b2a585cc187dc6a15b149454a1ce8eb3a48e15064d57beb8c7

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:31 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DK], RC:[], CN:[EU], CIP:[82.102.20.235], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
10
expires
Sun, 28 Feb 2021 01:04:31 GMT
arj
os4m-d.openx.net/w/1.0/ Frame E299 		173 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sltrib.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5efbf73a-318e-496d-9175-13765ecd42bd&nocache=1614474271952&aus=728x90&divIds=SLT_728x90_ATF__86&auid=540529560&aumfs=300
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
30ebdd6035ba90b80114fd4e27e56abf972f930bf1cc802bbc012fadeee8252a

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E299 		19 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:31 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.237:80
AN-X-Request-Uuid
5bc1ad15-668e-436d-9d04-320de82e531e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E299 		238 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710558&size_id=2&rf=https%3A%2F%2Fwww.sltrib.com%2F&tk_flint=pbjs_lite_v4.7.0&x_source.tid=5efbf73a-318e-496d-9175-13765ecd42bd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5399126967912
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
8ffa9a8bd3717973966ac0774261c9bf71b1332f89080bb13e37779146a384ab

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:32 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
238
Expires
Wed, 17 Sep 1975 21:32:10 GMT
mvo
tag.1rx.io/rmp/74190/0/ Frame E299 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=4.7,2.1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sltrib.com
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:32 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
auction
x.yieldlift.com/ Frame E299 		2 KB
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/auction
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.21.136 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
7b0063a5e666b8347a392adc777544f7b5074439eb0969051b29cad6b6f0eb00

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://www.sltrib.com
Accept
application/json
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
574
Expires
0
/
id.sltrib.com/ 		0
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sltrib.com/?maxAge=2628000
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
cf-ray
62863b68dd259808-FRA
content-length
0
cf-request-id
0887c3758900009808891d7000000001
view
securepubads.g.doubleclick.net/pcs/ Frame F0EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup1iQiMjPavTcnHpi3fKOkVAh3DNC89tKhMZ6RoFFOnQ7wdItzcwNDccDJXMjdXkSgK69gSp5cPVs2e-Tf9ssuBeL-JMhIeKqA1eXUX0VT7bbIPqUrz0t-UR7f_MGr-hwwlbwb9R-qbF3q1l5ZTLDivuO91hIdYUcscRtLOSZY21Bxih0bkIm_s6akmYPm4K9JHOSqCELJPvbJhUWx0jbCCMxD-UAaaXnOYqv_zWdqfM3WvQD0mSh2njhNK_8-5rR8fyfxHoXWTUZTkoRTO1KyJ07VfaAo7IMJhESbIGNe3iVyuHRjNPyta0_1&sig=Cg0ArKJSzEFSZfuFXAWTEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:32 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D1B1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 20:46:55 GMT
x-content-type-options
nosniff
server
cafe
age
15456
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 28 Feb 2021 20:46:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D1B1 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
10046
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 28 Feb 2021 22:17:05 GMT
pubads_impl_2021022301.js
securepubads.g.doubleclick.net/gpt/ Frame F5B0 		290 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Feb 2021 09:41:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104129
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:32 GMT
bid
ap.lijit.com/rtb/ Frame F5B0 		24 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.7.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
4c695461baaf8031bc3f6a183ab748fece150aafb8ebe2afc96b3bf262da1f6c

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 28 Feb 2021 01:04:32 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v1
btlr.sharethrough.com/WYu2BXv1/ Frame F5B0 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ew7kii4wVov8hjHwB8Wgknzd&bidId=4f4b4fae9dfd9d&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.7.0&strVersion=3.2.1&secure=true
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Sun, 28 Feb 2021 01:04:32 GMT
access-control-allow-credentials
true
vary
Origin
cygnus
htlb.casalemedia.com/ Frame F5B0 		24 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=303655&v=7.2&r=%7B%22id%22%3A%2252ed3c6011720e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226069e21b9f2e0d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303655%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.sltrib.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
90ae3651658e76f0f2ea5e3d63df4db6f3704b96a514cc2375876fe80caa2ab7

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DK], RC:[], CN:[EU], CIP:[82.102.20.235], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
10
expires
Sun, 28 Feb 2021 01:04:32 GMT
arj
os4m-d.openx.net/w/1.0/ Frame F5B0 		174 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sltrib.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=67b14387-5843-402e-b484-06418f22ac56&nocache=1614474272030&aus=300x250&divIds=SLT_300x250_BTF__86&auid=540529557&aumfs=300
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
7e9fb52a47bcbcb5cf485273bacdb52700299ba1ebb66ec72c622457259ae892

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
lockerdome.com/ladbid/ Frame F5B0 		11 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 28 Feb 2021 01:04:32 GMT
Content-Encoding
gzip
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
31
auction
x.yieldlift.com/ Frame F5B0 		2 KB
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/auction
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.21.136 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
bebe6cc4512ef55a8e50b84e193aeb36a5a97559cfe5260c3c7b443c48173941

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://www.sltrib.com
Accept
application/json
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
574
Expires
0
hb
ssc.33across.com/api/v1/ Frame F5B0 		66 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=baJuNG19ir6ikUaKlId8sQ
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.248.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
3413c165b4624771f4822d472654336723d85c1b93fce68c56287424ccd8efc1

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame F5B0 		19 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:32 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.80:80
AN-X-Request-Uuid
9dde3578-63ab-4bcd-9537-c31a2203f282
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/74190/0/ Frame F5B0 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=4.7,2.1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sltrib.com
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:32 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F5B0 		239 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710514&size_id=15&rf=https%3A%2F%2Fwww.sltrib.com%2F&tk_flint=pbjs_lite_v4.7.0&x_source.tid=67b14387-5843-402e-b484-06418f22ac56&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.36296899822888107
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d22b381f174b4e7d3e6424e173f02b9cfc368f2f06e4925dca5743b362ba30e2

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:32 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
container.html
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9C94 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 28 Feb 2021 01:04:30 GMT
expires
Mon, 28 Feb 2022 01:04:30 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 9C94 		2 KB
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02cd60655fcce9585457a7cd041767aba7c4aeef590805801be7090b5fe3fd5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 28 Feb 2021 00:51:47 GMT
server
ESF
date
Sun, 28 Feb 2021 01:04:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Feb 2021 01:04:32 GMT
spam_signals_bundle_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/spam_signals/ Frame 9C94 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7cb0567c7f8816067f80508b906ccdad89e9e76e05573464926eec5a5276d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:37:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2773
x-xss-protection
0
server
cafe
etag
3338119961263385223
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:37:18 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 9C94 		2 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 01:03:24 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 9C94 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:44:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 9C94 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:58:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9C94 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342950420569"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33470
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:32 GMT
script%3E%3Cscript%20data-jc=
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.jsSrkjAac4CNnMwu2F0bk6wyfBwYjmLv_yiLY1bQdJoGgiehgf1XrklPJD4ztQrmc-zZZLC7AjRHH3qg','','[/x22x%278440/x279efo... Frame 9C94 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.jsSrkjAac4CNnMwu2F0bk6wyfBwYjmLv_yiLY1bQdJoGgiehgf1XrklPJD4ztQrmc-zZZLC7AjRHH3qg','','[/x22x%278440/x279efotm(/x26753374%2bejvf/%27844/x3e/x279efotm(/x2675337:%2bejvf~/x22]');%3C/script%3E%3Cscript%20data-jc=
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 9C94 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTkRy8w6mltTRvJhfx9aikeh7qQzqtcjGS1_VHXpFv3lZbOD3LHengMqI5KBJkHpnktGDS
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
5d4b6918ba53c75bacf90c3e9a55021e.js
www.gstatic.com/mysidia/ Frame 9C94 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 14:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Feb 2021 08:27:31 GMT
server
sffe
age
211953
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10833
x-xss-protection
0
expires
Wed, 26 May 2021 14:11:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9C94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAdL3H-w6YK3hJYyN7gPSy4HQCf-0_pNhtKKilqAM8ZrBq8EcEAEgheG8SmDRgbmC0AegAczxlvYDyAEJ4AIAqAMByAObBKoE6AFP0H2nTdpsmytXh2qQRRwtjQ7VYsNUBSBLMUjNr7-fCxIM3OxG9ZZGvBmGwD3sUWlpYK1kkPFM40RGBErXCPCYGDP0lZj8Qft3A9EGyyqRyovH4pcQnHxz0LSpkYHvj1NdS8RXhybEHWRlpzlcGT7rcBJ3Pl8xvvQgSj_mhK4EZPLGncCPv2ur6Xv-_XLnrNfsZCxH0nFd7w8qJft-BkVOqNvJ0Mb5x0FqJMfppDea8wcDz-V8HRhRBbDLWltdoPg9tWsTZmleLiuJ77c5arwtVz425XGYr7kCD4rbPhck6QgW5YiWY9YHwASz7I_iswPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHnI7pCagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQjKQk0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi01NDQ2MDA5NDYzNTQ5OTM0gAoDyAsB2BMCmBYBshcaChgIABIUcHViLTcxNjUxNjA0NTg5NjI2MTE&sigh=9E6QyWF5IcM&template_id=494&tpd=AGWhJmuj-gIcnOQYyWEnc8Q3UCJhm6oWuXzM8bjtbKSYyhaxkg
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
script%3E%3Cscript%20data-jc=
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.jsSrkjAac4CNnMwu2F0bk6wyfBwYjmLv_yiLY1bQdJoGgiehgf1XrklPJD4ztQrmc-zZZLC7AjRHH3qg','','[/x22x%278440/x279efo... Frame 9C94 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.jsSrkjAac4CNnMwu2F0bk6wyfBwYjmLv_yiLY1bQdJoGgiehgf1XrklPJD4ztQrmc-zZZLC7AjRHH3qg','','[/x22x%278440/x279efotm(/x26753374%2bejvf/%27844/x3e/x279efotm(/x2675337:%2bejvf~/x22]');%3C/script%3E%3Cscript%20data-jc=
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
truncated
/ Frame 9C94 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8547a61952e7e1a3f4deb3fe1c2f27f9f83f12fccfb55d00bf8e96803563e63

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn3.gstatic.com/ Frame 9C94 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTHAL9WZZmLjA77Khr9zfVd3iUZV1ryYMcVrRxcS6YCuIkruACaRcH5Y6N9EEM&usqp=CAI
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
860e8c9a2c58899552febf857e4d6777e4acf14dc8f26e8c481bbf41eefd3d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 11:23:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 17:46:54 GMT
server
sffe
age
135689
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13516
x-xss-protection
0
expires
Sat, 26 Feb 2022 11:23:03 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 9C94 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRJkjL_LIoze6z0RmaU-SEqLNJyyuM4aNwJpBO1H5Bd6PvT0kcwB4zGbGRensY&usqp=CAI
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c407107d271dfd94219b8ea429d2d412483b44e61d71bfdc4208b4512fada891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 05:58:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 02:29:51 GMT
server
sffe
age
155175
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19667
x-xss-protection
0
expires
Sat, 26 Feb 2022 05:58:17 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 9C94 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSl5xNGQQo4U3hJUSY9ptbbDrCjgjaYsqiJbuuLc1xykV8yUuxB&usqp=CAI
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8d861ecd321ebd859d445c1410148fb1e729f3ed3f592c9ef5efa32c100e640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 14:00:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Oct 2020 06:12:36 GMT
server
sffe
age
385464
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32121
x-xss-protection
0
expires
Wed, 23 Feb 2022 14:00:08 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 9C94 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSIS3gQfzL79ORQ36Ag3Ri6fN4DlLiqqhf6K1rM-PBXmRSnYK-xlfEe8r3553Y&usqp=CAI
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3878645d4ed652a2a3877042d7952dc72e2ada8296a808f245851547a551f66a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 10:47:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Oct 2020 10:25:29 GMT
server
sffe
age
51447
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35865
x-xss-protection
0
expires
Sun, 27 Feb 2022 10:47:05 GMT
12461797604719436694
tpc.googlesyndication.com/simgad/ Frame 9C94
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCboeOPswEQsAkYrAIyCITmPYc43DV3
  • https://tpc.googlesyndication.com/simgad/12461797604719436694
34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12461797604719436694
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
274cd63f256ea7cfbf7d69be70bd05751d38ef9919a4dcd6daf8b69e490f364e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:41:30 GMT
x-content-type-options
nosniff
age
192182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34738
x-xss-protection
0
last-modified
Wed, 04 Jul 2018 02:51:30 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 19:41:30 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 19:41:44 GMT
x-content-type-options
nosniff
server
cafe
age
19368
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/12461797604719436694
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 29 Mar 2021 19:41:44 GMT
truncated
/ Frame 9C94 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35ccef75aea1163fb9980ffd7352a6f4001ce5316f1d9548d200862947e9abbc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 9C94 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2deb82c585f891ba79a0cc6e27caf804cd5308c9fc91f5487549d64f3bb84b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 09:31:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:36 GMT
server
sffe
age
142367
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14516
x-xss-protection
0
expires
Sat, 26 Feb 2022 09:31:45 GMT
container.html
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1C9A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 28 Feb 2021 01:04:30 GMT
expires
Mon, 28 Feb 2022 01:04:30 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 1C9A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdziDH-w6YPywOtXx-gadsqy4DbnUv8JczL2bj40Ntuzs7K4JEAEgheG8SmDRgbmC0AegAeu_ut0DyAEJqQIWlSKLvMuFPuACAKgDAcgDCKoE6gFP0IziMU3-zgsR6ziNZ2DxkVivcKwFcp-y5f3fRxllpLwVD4gZE7MMU9J-q2UMe-J3tjwLHkJwdxRnVLPXsLtmSKcQyo2U-upm_41Dto50_IKJ_6yIsEdzvUV33xfNvMtfF1eNnW-Otp0xTwrCnUCVaXSeS_p-ZvyEcCgw6sHsNVZzSwL46F0Ije6judAj-3pZ3xUOHw_Alx2hP1j1ffi6wCl0c_3C9ft3CCwkMyIpTWc9HbExlguZPbspYyF59W_fs6AIMv7gw-OF95mKfLZ8Po8vJxiYu2gZBTx6idPT1iwtLEG40C6ye5vABOGI0cHyAuAEAZIFBAgEGAGSBQQIBRgEoAYugAf9v8UiqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPuYLdIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tNTQ0NjAwOTQ2MzU0OTkzNIAKA8gLAdgTDbIXGgoYCAASFHB1Yi03MTY1MTYwNDU4OTYyNjEx&sigh=1AAPbRDFnSI&template_id=419&tpd=AGWhJmsl-EdG4pfASF-MgDUe44WIxGFeqjkarsASK0qlGHMSuA
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 1C9A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:44:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 1C9A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:58:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C9A 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342950420569"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33470
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 1C9A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:41:43 GMT
l
www.google.com/ads/measurement/ Frame 1C9A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBscdwHDrxLm9wc3JueYEhbGcLeEEP4gaZFzio7Jghpts9G1yjkjT9ohD8LrbfbL22ONrx
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sr
capi.connatix.com/tr/ Frame A87A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=104830
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.204.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 28 Feb 2021 01:04:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
analytics.js
s.srvsynd.com/2/234175/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.sltrib.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=100212&ti=x725249833209048290060919046144&de=2&to=3&pv=7bff1dab-0531-492f-a8cf-47342679b943
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
990e7e8254ab06900bf50d1c394504d354dda7e36e1566624ab1b7f47f6657e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:32 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
1880
Expires
0
dc9f17f0-3d9e-4a09-9562-282c327ed487.bin
vid.connatix.com/d00660ed-1204-49ba-a833-4421d3a64874/ Frame A87A 		2 KB
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/d00660ed-1204-49ba-a833-4421d3a64874/dc9f17f0-3d9e-4a09-9562-282c327ed487.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e379a527913ece5ca9cdad0e68bfcc813516bc492dbcfafaf02a9f79a552271

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
age
25754
x-cache
HIT, HIT
content-length
634
x-served-by
cache-bwi5134-BWI, cache-cph20639-CPH
last-modified
Sat, 27 Feb 2021 17:54:50 GMT
x-timer
S1614474272.411666,VS0,VE2
etag
"7f760c4ecac7f20b8ce94d68e9adcb7c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
3, 1
s
googleads.g.doubleclick.net/pagead/drt/ Frame 54A6 		143 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmsp9gFEFk_4ac5UT0AFQCoD_E8_di2fewZ8UT_FbkCl144kOfvBuJWGSJYpwk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 28 Feb 2021 00:34:33 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1799
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1C9A 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e80aa94bfb5590015e924a81b7bfbaf04093e8d8f56db584204c3886734884f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
ao
capi.connatix.com/tr/ Frame A87A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=104830
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.204.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 28 Feb 2021 01:04:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
ps
capi.connatix.com/tr/ Frame A87A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=104830
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.204.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 28 Feb 2021 01:04:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
3c28f9ad-4e21-4e72-813b-61ef4b2dd137.jpg
img.connatix.com/d00660ed-1204-49ba-a833-4421d3a64874/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d00660ed-1204-49ba-a833-4421d3a64874/3c28f9ad-4e21-4e72-813b-61ef4b2dd137.jpg?crop=410:231,smart&width=410&height=231&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
00133585616dd1c66765009d81c52a8be08bd517f46f66ea004cc88f414db021

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
br
age
25784
x-cache
HIT, HIT
fastly-io-info
ifsz=128302 idim=1200x630 ifmt=jpeg ofsz=12190 odim=410x231 ofmt=webp
fastly-stats
io=1
content-length
12195
x-served-by
cache-dca17734-DCA, cache-cph20648-CPH
access-control-allow-origin
*
x-timer
S1614474273.557241,VS0,VE1
etag
"1V5EO9Yhcu1w9edQzynUgeBH3fdAb2lrV0eApJfbMP4"
vary
Accept
x-amz-request-id
B0XM31ZT26FM7G93
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/webp
x-cache-hits
2, 1
6c06aa79-41c7-4fbd-bc46-ea23c1f82643.jpg
img.connatix.com/d00660ed-1204-49ba-a833-4421d3a64874/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d00660ed-1204-49ba-a833-4421d3a64874/6c06aa79-41c7-4fbd-bc46-ea23c1f82643.jpg?crop=410:231,smart&width=410&height=231&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8a68fbbef0caeca0ae2921f75089978bcd7505014fd22b91abdcc22fb4a6737

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
br
age
25784
x-cache
HIT, HIT
fastly-io-info
ifsz=82168 idim=1200x630 ifmt=jpeg ofsz=5188 odim=410x231 ofmt=webp
fastly-stats
io=1
content-length
5193
x-served-by
cache-dca17750-DCA, cache-cph20648-CPH
access-control-allow-origin
*
x-timer
S1614474273.557221,VS0,VE2
etag
"5VP3giI75Un3fl3WDMo7M7oZk58VU4zVeQJR9qXSRmQ"
vary
Accept
x-amz-request-id
SV6JPE7K09CY4EKJ
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
1a66d8c3-3a55-4c92-a5f3-9e325e08912a.jpg
img.connatix.com/d00660ed-1204-49ba-a833-4421d3a64874/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d00660ed-1204-49ba-a833-4421d3a64874/1a66d8c3-3a55-4c92-a5f3-9e325e08912a.jpg?crop=410:231,smart&width=410&height=231&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
77ced77641d9ae32c1d0461d6dcfef91682d93f703d23c4c8ca927a4bc6621ed

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
br
age
25784
x-cache
HIT, HIT
fastly-io-info
ifsz=152937 idim=1200x630 ifmt=jpeg ofsz=13946 odim=410x231 ofmt=webp
fastly-stats
io=1
content-length
13951
x-served-by
cache-dca17756-DCA, cache-cph20648-CPH
access-control-allow-origin
*
x-timer
S1614474273.557209,VS0,VE2
etag
"G5Bha9wGTWsUe7cJSESiIzOVskCpJGxI1MdIhsEGDq8"
vary
Accept
x-amz-request-id
B0XGNWYGBNBXB5VH
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
d99e8fb8-1b37-463e-b98e-9d5ce0c56514.jpg
img.connatix.com/d00660ed-1204-49ba-a833-4421d3a64874/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d00660ed-1204-49ba-a833-4421d3a64874/d99e8fb8-1b37-463e-b98e-9d5ce0c56514.jpg?crop=410:231,smart&width=410&height=231&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95f45d5fbad334a4d4243435666e154aa2d7e2fb5a223ab7d60c01157d7946b5

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
br
age
25784
x-cache
HIT, HIT
fastly-io-info
ifsz=105630 idim=1200x630 ifmt=jpeg ofsz=9480 odim=410x231 ofmt=webp
fastly-stats
io=1
content-length
9485
x-served-by
cache-dca17768-DCA, cache-cph20648-CPH
access-control-allow-origin
*
x-timer
S1614474273.557201,VS0,VE1
etag
"pu4gAjGHwTQ9OvJ5BYIQgcON47+MWHmVP2/hoTN+Cs4"
vary
Accept
x-amz-request-id
SV6PHQMB42SKH1CN
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
g
capi.connatix.com/rtb/ Frame A87A 		234 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=104830
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.204.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4c810554d4a1687e526b43a50eac5ed87f9d20cde0d08060f456e7cc6f35d117

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 28 Feb 2021 01:04:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
196
si
googleads.g.doubleclick.net/pagead/drt/ Frame 54A6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
496 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmsp9gFEFk_4ac5UT0AFQCoD_E8_di2fewZ8UT_FbkCl144kOfvBuJWGSJYpwk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 28 Feb 2021 01:04:32 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 28-Feb-2021 02:04:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 28 Feb 2021 01:04:32 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 28 Feb 2021 01:04:32 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?oz_pl=1&de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.sltrib.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=100212&ti=x725249833209048290060919046144&de=2&to=3&pv=7bff1dab-0531-492f-a8cf-47342679b943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.srvsynd.com/2/1.22.2/ 		117 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/main.js?o=1
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.sltrib.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=100212&ti=x725249833209048290060919046144&de=2&to=3&pv=7bff1dab-0531-492f-a8cf-47342679b943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
48bbcc1ce2487936f5f8224d471cfc0b639d68abca1789fafd9f393f6bebaf76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:32 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
37340
Expires
Tue, 05 Nov 2052 05:31:40 GMT
integrator.js
adservice.google.de/adsid/ Frame E299 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E299 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
log.gif
includemodal.com/static/ Frame 05B0 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0efcbf11-0d8b-4048-b467-cb724bc41722&url=https://adservice.google.de/adsid/integrator.js%3Fdomain%3Dwww.sltrib.com&o=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
ads
securepubads.g.doubleclick.net/gampad/ Frame E299 		81 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3537484951060214&correlator=1658547695909141&output=ldjh&impl=fifs&eid=21068110&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=hb_name%3DSLT_728x90_ATF__86%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3D14ab03baa70d1dfc%3AT%3D1614474270%3AS%3DALNI_MbI19zbu0LfwAC2Zs5Yj9VMwN9f3A&bc=31&abxe=1&lmt=1614474272&dt=1614474272600&dlt=1614474271690&idt=350&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=16&adks=1876508345&ucis=sktdn52jezs&ifi=1&ifk=1222021891&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.sltrib.com%2F&ref=https%3A%2F%2Fwww.sltrib.com%2F&top=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=318633835.1614474268&ga_sid=1614474273&ga_hid=810978781&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ccd05b80129cc99482b3a47baf41579c85614691b7aec7f3211fc08fe2b09939
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMmrlayxi-8CFctk4AodqycBmw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3645771183198376631/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMmrlayxi-8CFctk4AodqycBmw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3645771183198376631/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26083
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Sun, 28 Feb 2021 01:04:32 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E299 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E299 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame F5B0 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F5B0 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
log.gif
includemodal.com/static/ Frame F0EF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0dfd2ed8-59d0-402b-ae31-10fbbf344e71&url=https://adservice.google.de/adsid/integrator.js%3Fdomain%3Dwww.sltrib.com&o=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
ads
securepubads.g.doubleclick.net/gampad/ Frame F5B0 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=689317380850878&correlator=3946625290229060&output=ldjh&impl=fifs&eid=31060010&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=hb_name%3DSLT_300x250_BTF__86%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3D14ab03baa70d1dfc%3AT%3D1614474270%3AS%3DALNI_MbI19zbu0LfwAC2Zs5Yj9VMwN9f3A&bc=31&abxe=1&lmt=1614474272&dt=1614474272642&dlt=1614474271878&idt=305&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1062322232&ucis=pg3s5wq8sj9e&ifi=1&ifk=2503625634&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.sltrib.com%2F&ref=https%3A%2F%2Fwww.sltrib.com%2F&top=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=318633835.1614474268&ga_sid=1614474273&ga_hid=1879681726&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
0eeb9bda2b69b8bc97b98da1f44acdee2356d047a439d00e723373ec5efb6498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3052
x-xss-protection
0
google-lineitem-id
4756978442
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138245953932
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
aef5dbe965e8814201292128fa45d2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F5B0 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://aef5dbe965e8814201292128fa45d2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame F5B0 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?oz_pl=1&de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.sltrib.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=100212&ti=x725249833209048290060919046144&de=2&to=3&pv=7bff1dab-0531-492f-a8cf-47342679b943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
container.html
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0FEB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 28 Feb 2021 01:04:30 GMT
expires
Mon, 28 Feb 2022 01:04:30 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 0FEB 		2 KB
560 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02cd60655fcce9585457a7cd041767aba7c4aeef590805801be7090b5fe3fd5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 28 Feb 2021 00:50:21 GMT
server
ESF
date
Sun, 28 Feb 2021 01:04:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Feb 2021 01:04:32 GMT
spam_signals_bundle_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/spam_signals/ Frame 0FEB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7cb0567c7f8816067f80508b906ccdad89e9e76e05573464926eec5a5276d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:37:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2773
x-xss-protection
0
server
cafe
etag
3338119961263385223
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:37:18 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 0FEB 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 01:03:24 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 0FEB 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:44:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 0FEB 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:58:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0FEB 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342950420569"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33470
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 0FEB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:41:43 GMT
5d4b6918ba53c75bacf90c3e9a55021e.js
www.gstatic.com/mysidia/ Frame 0FEB 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 14:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Feb 2021 08:27:31 GMT
server
sffe
age
211953
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10833
x-xss-protection
0
expires
Wed, 26 May 2021 14:11:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0FEB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7s-rIOw6YMulEJqtgAfnzb-gDP-0_pNhtKKilqAM8ZrBq8EcEAEgheG8SmDRgbmC0AegAczxlvYDyAEJ4AIAqAMByAObBKoE6AFP0NJGntIlL1ufPy_pZFO1E1b1hgGhFNA9eYWoiSxRiYSLNTm0AWeYJNwqGu_20eGnpP7g7kXK31TSNa2lP7wB2VrqgPgqvvNVj-JmPcF0-x6IQBiOvyuT41qSEFaJtBXJBzn1wUjRogBkyf0C3iGkge48eJeVB2EDgfAxZDlYQia4fwe-bgtQAczh4s6CNKvAlfgJAxUmbDq7TGtGBaaab1psdA43AXhQcb-YKdCUa3sEAUks5NMadSV2qrDd0AiuzB2FqEezv9URdOzZP5-xWGV2YF-Z07y37BOZ6a9-3SBSj-u4put7wASz7I_iswPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHnI7pCagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ-74m0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi01NDQ2MDA5NDYzNTQ5OTM0gAoDyAsB2BMCmBYBshcaChgIABIUcHViLTcxNjUxNjA0NTg5NjI2MTE&sigh=mzv8oOFEnic&template_id=494&tpd=AGWhJmuOVNqJWQvTFE8LI-TrZKiK6huw8FifQjTl38zunEA2zg
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
truncated
/ Frame 0FEB 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8547a61952e7e1a3f4deb3fe1c2f27f9f83f12fccfb55d00bf8e96803563e63

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn3.gstatic.com/ Frame 0FEB 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTHAL9WZZmLjA77Khr9zfVd3iUZV1ryYMcVrRxcS6YCuIkruACaRcH5Y6N9EEM&usqp=CAI
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
860e8c9a2c58899552febf857e4d6777e4acf14dc8f26e8c481bbf41eefd3d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 11:23:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 17:46:54 GMT
server
sffe
age
135689
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13516
x-xss-protection
0
expires
Sat, 26 Feb 2022 11:23:03 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 0FEB 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRJkjL_LIoze6z0RmaU-SEqLNJyyuM4aNwJpBO1H5Bd6PvT0kcwB4zGbGRensY&usqp=CAI
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c407107d271dfd94219b8ea429d2d412483b44e61d71bfdc4208b4512fada891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 05:58:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 02:29:51 GMT
server
sffe
age
155175
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19667
x-xss-protection
0
expires
Sat, 26 Feb 2022 05:58:17 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 0FEB 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSl5xNGQQo4U3hJUSY9ptbbDrCjgjaYsqiJbuuLc1xykV8yUuxB&usqp=CAI
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8d861ecd321ebd859d445c1410148fb1e729f3ed3f592c9ef5efa32c100e640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 14:00:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Oct 2020 06:12:36 GMT
server
sffe
age
385464
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32121
x-xss-protection
0
expires
Wed, 23 Feb 2022 14:00:08 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 0FEB 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSIS3gQfzL79ORQ36Ag3Ri6fN4DlLiqqhf6K1rM-PBXmRSnYK-xlfEe8r3553Y&usqp=CAI
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3878645d4ed652a2a3877042d7952dc72e2ada8296a808f245851547a551f66a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 10:47:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Oct 2020 10:25:29 GMT
server
sffe
age
51447
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35865
x-xss-protection
0
expires
Sun, 27 Feb 2022 10:47:05 GMT
12461797604719436694
tpc.googlesyndication.com/simgad/ Frame 0FEB
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCboeOPswEQsAkYrAIyCITmPYc43DV3
  • https://tpc.googlesyndication.com/simgad/12461797604719436694
34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12461797604719436694
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
274cd63f256ea7cfbf7d69be70bd05751d38ef9919a4dcd6daf8b69e490f364e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:41:30 GMT
x-content-type-options
nosniff
age
192182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34738
x-xss-protection
0
last-modified
Wed, 04 Jul 2018 02:51:30 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 19:41:30 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 19:41:44 GMT
x-content-type-options
nosniff
server
cafe
age
19368
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/12461797604719436694
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 29 Mar 2021 19:41:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 05B0 		42 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8f_Il8Y7C-xs9019GOQmwe18CNKP5XTnz8Lgblngaq-pz8UdXZXIEttoLmBShjUI88C-yVHYF1MLtFn4YEw36qCVtc4Omdv97Z8-mSF-PbE1fgd_L&sig=Cg0ArKJSzKuOaN9nnFEgEAE&id=osdim&mcvt=1000&p=32,872,126,1600&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210226&bin=7&avms=nio&bs=1600,1200&mc=0.96&app=0&itpl=19&adk=2792047822&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614474271074&dlt=0&rpt=731&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 0FEB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1e4625827f907bd6141e9b50896bbf5732578cda07f24b4b249499c53f4a3d3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 0FEB 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2deb82c585f891ba79a0cc6e27caf804cd5308c9fc91f5487549d64f3bb84b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 09:31:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:36 GMT
server
sffe
age
142367
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14516
x-xss-protection
0
expires
Sat, 26 Feb 2022 09:31:45 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 0FEB 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: 864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
URL: https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
47979ef506264db0704b5de93065a3ca44e171e2054648f5f12f66f587a1ed3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1384
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21163
x-xss-protection
0
server
cafe
etag
17443452193483161684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 28 Feb 2021 01:41:28 GMT
pw.js
d3oi8laqsvc6ey.cloudfront.net/ Frame 9EE1 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4c00:5:ee0e:9e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85a39b2febc8f8dc2a7ee1e3c4e8a23bcbe10f8250614d32efdd4b4d4bd40df8

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 20:33:54 GMT
content-encoding
gzip
last-modified
Thu, 19 Mar 2020 14:03:51 GMT
server
AmazonS3
age
78903
etag
W/"d0854b8502ea96f99f33cad6229947a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
D3JtloHUxNPcSi237zpzhhjeykH0qatg-XIabG46gvP9hHhjAKIy9A==
view
securepubads.g.doubleclick.net/pcs/ Frame 9EE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOAIbvlCj-YQG1jSMzOU4yyH6k9qIY5Y_D5NVXGfifoU0kkTZoAp3Pa3U9zVMI_I0MRDLfN5og9-vqoN7lbsGdYyUr2pOfkpZDQn3X82KPiRbbdxmDBZ519I67x7GElfYI4yrWUhZdZ8UaYfChA7EOrxw5rWqAB44DgPVnlgpEnyxS5mxJrNAJUKaZgjSk_OTqHRS9IURE2UgvzVuO_0RAZmarNeNihtKdVbBaBPRH3Neu97KRf386FMeMHaySs_PVTxABO7iZc2XsP1qZTjaXZKkKk264HMWHttJzHSOZ4qejO2gSiITRMMUe2905AUT5tFaQHuxnsAOzBurNPZg&sig=Cg0ArKJSzLhA-uj6SsKNEAE&urlfix=1&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
136953cb-88f9-48b3-9417-8f28d8a3cf54.js
d2na2p72vtqyok.cloudfront.net/client-embed/ Frame 9EE1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/client-embed/136953cb-88f9-48b3-9417-8f28d8a3cf54.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-170.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb43d05191a103e395189b8a17420610602731d42cfad1a610e632e4052c30aa

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 03:31:45 GMT
Content-Encoding
gzip
Age
77568
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 25 Feb 2021 03:00:15 GMT
Server
AmazonS3
ETag
W/"e435f52fb6d1aef031d5d9f0a4a4b071"
Vary
Accept-Encoding
x-amz-version-id
UA0P2AoFW.n4iM9ul5UcfZneLXIZxNtC
Via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA2-C1
Content-Type
application/javascript
X-Amz-Cf-Id
fuz-I0-XkZF1L4PyzPxBVPR4LHfcODDM77YZL88yOzPP-INj3NCNJg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9EE1 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342950420569"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33470
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:32 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame F5B0 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342938524533"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F5B0 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b850ca93251415c6e5b61c2351ca8a8c8903707c3beac464440966103856573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F5B0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:32 GMT
21bc8503-7806-41da-b650-37b6eedc566f.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 9EE1 		50 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/21bc8503-7806-41da-b650-37b6eedc566f.js
Requested by
Host: d3oi8laqsvc6ey.cloudfront.net
URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7e00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8f37f7a6e8844b8e059ff5d8525c22db03649fcba4db679f0122a9044b29a9b5

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:14:48 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
2984
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
*
x-amz-cf-id
V_2SB99ut24yJ31gaiHxFSbEx-F6QB9xwectenEh43FAil5fnDG8Gw==
via
1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/ Frame 9EE1 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/?rand=8746061&referer=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
container.html
a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 903C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 28 Feb 2021 01:04:32 GMT
expires
Mon, 28 Feb 2022 01:04:32 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log.gif
includemodal.com/static/ Frame 05B0 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0efcbf11-0d8b-4048-b467-cb724bc41722&url=https://www.boconcept.com/da-dk/sale-dk%3Futm_campaign%255Cx3d9112685231%255Cx26utm_source%255Cx3dgoogle%255Cx26utm_medium%255Cx3dcpc%255Cx26utm_content%255Cx3d489772251296%255Cx26utm_term%255Cx3d%255Cx26adgroupid%255Cx3d99458761825%255Cx26gclid%255Cx3dEAIaIQobChMIyauVrLGL7wIVy2TgCh2rJwGbEAEYASAAEgIp3vD_BwE%2527%3D&o=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
osd.js
www.googletagservices.com/activeview/js/current/ Frame E299 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342938524533"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E299 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6703628fbfc8c2e4a1e8ee9ddf207913b5f7b4bf898a69bd4d524347345360a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6462
x-xss-protection
0
csi
csi.gstatic.com/ Frame 0FEB 		0
331 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~klogapqi&ctx=2&qqid=CMu1_auxi-8CFZoW4Aod5-YPxA&met.4=fb.j~lb.1d~ol.2k~idt.-13g~dt.-1jt&met.3=739.1e~555.2h~556.2h~738.2j~113.5u_5~112.5t_6&met.1=1.klogapkp~6.0~7.0~8.0~9.0~10.0~12.1~13.6~14.7~15.f~16.1d~17.1d~18.1e~19.2j~20.2j~21.2k&met.7=CBsQCBgBMAc4XGgBcAZ4txeAAZ0XiAGyLbABAbgBAw~CBIQBxgBIBQoFDAjOA9oFXAjeLAEgAH_A4gB6w2qARkKF0dvb2dsZSBTYW5zIERpc3BsYXk6NDAwsAEBuAED~CBwQChgBIBQoFDAbOAdoFXAbeNEWgAHVFYgBqzCwAQG4AQM~CBwQChgBIBUoFTAmOBFoH3AleJwHgAGAB4gBgAywAQG4AQM~CBwQChgBIBUoFTAcOAdoFnAceO45gAHSOYgB548BsAEBuAED~CBwQChgBIBUoFTAmOBFoH3AleKYMgAGKDIgBmhmwAQG4AQM~CCoQChgBIBUoFTAmOBA~CBwQChgBIBYoFjAdOAhoFnAdeJcwgAH7L4gBtm-wAQG4AQM~CBsQChgBIBYoFjBAOCo~CCEQBBgBIB8oHzBwOFA~CBsQAhgBICgoKDBKOCI~CBsQAhgBICkoKTBMOCM~CBsQAhgBICkoKTBMOCQ~CBsQAhgBICkoKTBROCg~CAQQAhgBICkoTjBWOC1oTnBUeO-PAoABso8CiAGyjwKQASmYAS-wAQG4AQM~CBMQAhgBIE8oTzBWOAdoUHBVeMxxgAG0cYgBtHGqARcKEWdvb2dsZXNhbnNkaXNwbGF5EA4YArABAbgBAw~CCgQChgBIGIoYjCSATgwaGNwjgF42qYBgAGrpQGIAda1A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c03::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:33 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E299 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:33 GMT
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame D1B1 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiljhcMK1J2Hy9fnn2fAFKhQ489a5m6ZX2tHJMTFdD7duKMQ5jYmoXzXiLhA28QLM7qBelK4OknIMx-89MGpMlTX7FQ8IQSPkTG_gxk8KNj9mbTupryOF53YA7uwBTrah_3NXEQX5DUZ7ZdqU-x4o8&sai=AMfl-YTxYxoEfc4-U5slf-266eBw5Q_PuEXvToAgtue7eNpa8_SSkcTcAHllm2AV8Liy-oqUgtbjzR4FArzVsya4ZVRQciKsSzRQg2GMP9Di5KFLw9oRQy0POs1X0d0&sig=Cg0ArKJSzBXAu4O0MWDxEAE&cid=CAASPeRo1qlc-IvXAuW2A6m-eSSmJZ8Bk_owZisQqWN0i04RAB6ImtbqXY9Ylpio-Ag2p6VTVWKifCRaBnWIMJY&id=ampim&o=1077,248&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1060&mtos=0,0,1060,1060,1060&tos=0,0,1060,0,0&tfs=221&tls=1281&g=100&h=100&tt=1281&r=v&avms=ampa&adk=3590441876
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 52A0 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 28 Feb 2021 00:42:46 GMT
expires
Mon, 28 Feb 2022 00:42:46 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1307
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/ Frame 9EE1 		313 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/136953cb-88f9-48b3-9417-8f28d8a3cf54.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:de00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8ab7056fb99d8517ec46d80cc0bf1249b190fe1dc12213c9554892e7c7cdb07

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
wsrYuafz5KqiIdk4ssFx8lUeQxJTl_Ii
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 03:00:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"e443cb8260dfe6302f25c7a7d333e773"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sun, 28 Feb 2021 01:04:34 GMT
x-amz-cf-id
RktD7NNiRQD1tTE6CVE59mrxOhVGae2TP0KC-3Ufy6SRocVtX4FAGQ==
log.gif
includemodal.com/static/ Frame 9EE1 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1614474272965&url=https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js&o=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/ Frame EB43 		67 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/index.html
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2523d5cae257051483c8483f29c034ed536353b9eec22a48e18489864f13ee95
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/3645771183198376631/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Sat, 27 Feb 2021 10:27:21 GMT
expires
Sun, 27 Feb 2022 10:27:21 GMT
last-modified
Mon, 04 Jan 2021 08:00:30 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
17072
age
52632
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 903C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqHw8IOw6YMmbKMvJgQerz4TYCbnUv8Jc_Lybj40Ntuzs7K4JEAEgheG8SmDRgbmC0AegAeu_ut0DyAEJqQIWlSKLvMuFPuACAKgDAcgDCKoE6QFP0NOT_5XdgUjCh-X1G3UQvH9fWgz8wd6QAqtJZliV1XFup-Vazegrzw3XcfARqrO7LvDUXgGjwWwr344DAiqks0mCI5zh7EmJXyJAjyNwGtekWQ4BGGOkDRD-egOlMz2ptARMOPFRaoEHJqFOsb7fziY7QdqVX2u773XZ0fRRgJfwZjfT8_9ak1j7d1AdsgJflSMlHAxJRCBpjfbMuxzwx4IRtcUKXgteb0-b2psZNGWftsOE-tDfw9S3Tq3wP4NrDJy86fynjlQRxdu3k8E62SPenbMdSMsEETH7QX2uu9kGUBq5TNyYksAE4YjRwfIC4AQBkgUECAQYAZIFBAgFGASgBi6AB_2_xSKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQk4cP0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi01NDQ2MDA5NDYzNTQ5OTM0gAoDyAsB2BMNshcaChgIABIUcHViLTcxNjUxNjA0NTg5NjI2MTE&sigh=dp0g7a1l7Dg&template_id=419&tpd=AGWhJmsFLyKPZnXGpD1lpTeShnUpcLJIn3boq0bORWo0F346pw
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 903C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
URL: https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:44:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 903C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
URL: https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:58:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 903C 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
URL: https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342950420569"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33470
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 903C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
URL: https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:41:43 GMT
l
www.google.com/ads/measurement/ Frame 903C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZTMeUQSuFdS1Nc-NFj8aNBguK0WSS_C8a6vBCiKfpb4JaF0Ae2cPgBAExpDagoDoslz4D
Requested by
Host: a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
URL: https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
spam_signals_bundle_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/spam_signals/ Frame A07F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7cb0567c7f8816067f80508b906ccdad89e9e76e05573464926eec5a5276d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:37:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1635
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2773
x-xss-protection
0
server
cafe
etag
3338119961263385223
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:37:18 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame A07F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e29691cbd68d16dccf0cf82f7d292896167afa0cabb945b815a5d06c551e88b

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
AaVtUAIoqppbf9eVzQOMXcUvOiE4G38r
Content-Encoding
gzip
ETag
"c1bfef3061ab3fd25ec75d51366fff63"
Age
2847
X-Cache
HIT
Connection
keep-alive
Content-Length
9915
x-amz-id-2
ieay/1tO//TRwiMOJ3yrhGbm54ruYdw5xIDM6gpjpRdLMnGY2zAZOE9LOHxd6fCNCWmJ096Xdio=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Mon, 22 Feb 2021 22:14:04 GMT
Server
AmazonS3
X-Timer
S1614474273.224216,VS0,VE0
Date
Sun, 28 Feb 2021 01:04:33 GMT
Vary
Accept-Encoding
x-amz-request-id
6EC2423308D6EE49
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
56
10517606671617494897
tpc.googlesyndication.com/simgad/ Frame A07F 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10517606671617494897
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85fd9a802bbe7f093d8affccc7e3bf87842db69c0581243dbb668b0ce44cc2f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:52:26 GMT
x-content-type-options
nosniff
age
191527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33077
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 22:21:14 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 19:52:26 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame A07F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:44:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame A07F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:58:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A07F 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342950420569"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33470
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 925C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 28 Feb 2021 00:42:46 GMT
expires
Mon, 28 Feb 2022 00:42:46 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1307
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame A07F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOiaehoT4xoeiI_GPknEGXWHnFbWGJP8Qtfpv79Q7L0amO512F-F_hGIDaXXn92B4IIuGDsW7eO5xRQrzGBQb_bSAcSNs2Ul6rlUW-mVknbzVqHRpOGD-ovF051YFuHAmVPkqcyntqSn1x9PsSt0UhQIxoqr2EiZb3qS-rsiEycobh58dgjkFSEz-jp6QkH7T3Pq8VqLjYfbnM4e6Svwdw8i_vWJvnAAKT0EPNMCbBFgvY5h9Dqt4DKQTUFMYqeu4fT1QSVPglXynHW4B6CKyMri-fmIINQdQXayD6ejWT3VyCpC6JsRofAzRU&sig=Cg0ArKJSzNH4gJcOeJSJEAE&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 9C94 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSIU8ay_ldmWoivo5RPqdPI5Lmr6qaTnXikPUxYrzsbzZfEkoB66TN3PUyT-MEB9Vxq4SuVrcAgVnH9plzs1EbzuCrT9yS1LmB40sWeJ7I5fpCxw44PmkC3zzBnQ&sai=AMfl-YSzOx-Qp-CtZ8YBxqKV0U4eSWFbybjZzJkXLlhK-JNfVrZsmxpZN3m4rorZ7SB6T9zjgir-MJj5myqibvyFjC8o0GVxnER8Bek2cqZB-D2uXolHAfsPy3uFUuU&sig=Cg0ArKJSzFqMiN1NJEMVEAE&cid=CAASPeRoaSrkjAac4CNnMwu2F0bk6wyfBwYjmLv_yiLY1bQdJoGgiehgf1XrklPJD4ztQrmc-zZZLC7AjRHH3qg&id=osdim&mcvt=1012&p=972,315,1222,1285&mtos=0,1012,1012,1012,1012&tos=0,1012,0,0,0&v=20210226&bin=7&avms=nio&bs=0,0&mc=0.91&if=1&app=0&itpl=22&adk=2171281020&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1614474272056&dlt=32&rpt=0&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EB43 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 04:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74332
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 28 Feb 2021 04:25:41 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EB43 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 12:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44559
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 28 Feb 2021 12:41:54 GMT
truncated
/ Frame 903C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cddddc3adec56b52844a165736305b1193d35ad0e2e4f541f93ced6bc61dc4cc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A07F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1fd01d21ed57fcc32e18246d627822f46a7dd9767735a80005f940467651613

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A07F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtSDKH-pXpBy4lU45-XN8C9abm9M54X_u2HG6FgqN1KQB4pOx6QOQzHg_wjG3s-QUmOxm_RcJUYuG-1ONUimVfYBtViBq8FRpUdPbbBSnejin5TjBWtg9BNinDB-D7wVcBrmp1zcUFOHmus8_KnWssfpO0laZShcaHyD1Qs-U4nPQ-JoNzNU8R4y17O6eebSTGysNTscv_lnePuImLhLoIYfTX2OVlSS5D-wC8PBzyCfJWJw40wRCJQpA4WTN58JrNr1dbm_tBaimbiLMKZbtTgI5BT-wuEB67dzSsKvl47wehB-ZHG8sQKaGnEkk&sig=Cg0ArKJSzI-KspaiSDplEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:33 GMT
/
includemodal.com/service/imp/563c6d6c-a9ec-41aa-8ccd-73dcdb17c8eb/ Frame A07F 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/563c6d6c-a9ec-41aa-8ccd-73dcdb17c8eb/?rand=397410&referer=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js
pagead2.googlesyndication.com/bg/ Frame 52A0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 20:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
102460
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6212
x-xss-protection
0
expires
Sat, 26 Feb 2022 20:36:53 GMT
text.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/ Frame EB43 		26 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/text.svg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11c89103ee41575de116f043d724e7db3faa919e044b00f0e115dbfc47908461
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
238936
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7466
x-xss-protection
0
last-modified
Mon, 04 Jan 2021 08:00:30 GMT
server
sffe
date
Thu, 25 Feb 2021 06:42:17 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 06:42:17 GMT
Sale.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/ Frame EB43 		943 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/Sale.svg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
954ac0c8ea35174ba8f69f5525ca745bfb372cd9805b1bdff64b9c3a4fa7d924
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
152493
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
579
x-xss-protection
0
last-modified
Mon, 04 Jan 2021 08:00:30 GMT
server
sffe
date
Fri, 26 Feb 2021 06:43:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 06:43:00 GMT
Eks.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/ Frame EB43 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/Eks.svg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d8166ea5d3f82de6727e6d84fc32d720f31062c1e8cc6af6a74b3649fd40a3c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
41738
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1121
x-xss-protection
0
last-modified
Mon, 04 Jan 2021 08:00:30 GMT
server
sffe
date
Sat, 27 Feb 2021 13:28:55 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 13:28:55 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/ Frame EB43 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/logo.svg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e43319b533cee604e2230bcc9d8d080635632bac8334809ec80fc14213607b3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
71778
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1653
x-xss-protection
0
last-modified
Mon, 04 Jan 2021 08:00:30 GMT
server
sffe
date
Sat, 27 Feb 2021 05:08:15 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 05:08:15 GMT
Red.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/ Frame EB43 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/Red.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b645a85638664c911c407b6199a38b20c34eadda072ab64c5b849c2abb030a76
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
41738
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66848
x-xss-protection
0
last-modified
Mon, 04 Jan 2021 08:00:30 GMT
server
sffe
date
Sat, 27 Feb 2021 13:28:55 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 13:28:55 GMT
Button.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/ Frame EB43 		2 KB
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/Button.svg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be3c0d52d30fb7fa6c1f6b6225369be8d0bec4864e9593f8532665d2b6593066
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
152493
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
844
x-xss-protection
0
last-modified
Mon, 04 Jan 2021 08:00:30 GMT
server
sffe
date
Fri, 26 Feb 2021 06:43:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 06:43:00 GMT
F5.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/ Frame EB43 		10 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/F5.svg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59201977d3c2c83abccaab9aa678474e96ad70d00fa98b3906b39f9f5161065
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
41738
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6179
x-xss-protection
0
last-modified
Mon, 04 Jan 2021 08:00:30 GMT
server
sffe
date
Sat, 27 Feb 2021 13:28:55 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 13:28:55 GMT
Img1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/ Frame EB43 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3645771183198376631/Img1.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c88ffd63d5591212cfb5134a6811b560f583f29e515fe8b9570d7ede003c3136
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
41738
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27596
x-xss-protection
0
last-modified
Mon, 04 Jan 2021 08:00:30 GMT
server
sffe
date
Sat, 27 Feb 2021 13:28:55 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 13:28:55 GMT
T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js
pagead2.googlesyndication.com/bg/ Frame 925C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 20:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
102460
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6212
x-xss-protection
0
expires
Sat, 26 Feb 2022 20:36:53 GMT
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
/
geoip.insticator.com/json/ Frame 9EE1 		242 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.142.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
9e9ffd05aab299e4953a38fbac1b09dfdf5cf4c138aa72175e7ca879bd57c5ee

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Sun, 28 Feb 2021 01:04:33 GMT
access-control-allow-credentials
true
x-database-date
Sat, 27 Feb 2021 18:11:18 GMT
content-length
242
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame 06DD 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.180.114 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
343839bd-bdcb-4c6c-bc63-ab0022d6b524
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
instbid-3.27.1-lineate.js
df80k0z3fi8zg.cloudfront.net/files/ Frame 9EE1 		341 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d000:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bdff3474a2489fdebb5d89b7d8306de879cccf19c19c035f3e0874058a9247c

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
1Itu7toNKop.2NOnx2uGNcPGoqx61L3u
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 22:23:27 GMT
server
AmazonS3
age
83588
etag
W/"a21d26500c25e2f27a6f7f33a8758ff4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
date
Sat, 27 Feb 2021 03:11:35 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
0Z7rsEi0FSI26er2kswuVR6qdXzBPr91q33flx8VZWGTRWi2eSEqkQ==
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame 9EE1 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd14a16b73082a165a1d3b55eba44a64c1c968adedf3305c309c49efaf0ff8b7

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:33 GMT
Content-Encoding
gzip
Age
2754
X-Cache
HIT
Connection
keep-alive
Content-Length
17882
x-amz-id-2
c1Kq+aFK6G/nM5aL/5dMs4ke7QunKTQOq1dCkohFb7Z5UoF+/EY10YmQLqiXnam2geSykWuY6SU=
X-Served-By
cache-hhn4078-HHN
Last-Modified
Sat, 27 Feb 2021 22:52:59 GMT
Server
AmazonS3
X-Timer
S1614474274.699564,VS0,VE0
ETag
"43aba982e182961f566de483feb8d4f9"
x-amz-request-id
FS2MDKERFP4N8P9G
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
82
apstag.js
c.amazon-adsystem.com/aax2/ Frame 9EE1 		115 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:01:11 GMT
content-encoding
gzip
server
Server
age
201
etag
d7c8ebbead57940cf77ae4183f7ff01a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
pkiOsnrw5ub40d2SPOSAjPBBoA7O4uIM
x-amz-cf-id
YGBKOLoZOBJEleoiBBC2Ohmfyalkf2ZoP8Mdq8Nh7yD1wxgBtQmUaA==
log.gif
includemodal.com/static/ Frame 9EE1 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1614474272965&url=https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js&o=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 9EE1 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1614474272965&url=https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js&o=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 9EE1 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1614474272965&url=https://c.amazon-adsystem.com/aax2/apstag.js&o=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 36EB 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 36EB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 36EB 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 36EB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 36EB 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 36EB 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 20:46:55 GMT
x-content-type-options
nosniff
server
cafe
age
15458
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 28 Feb 2021 20:46:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 36EB 		295 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
10048
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 28 Feb 2021 22:17:05 GMT
truncated
/ Frame 36EB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce1aa6dd3503fef8412c1635862b6e6c8f9e30e0782d1a9d9f4532af2d61a987

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
15696933429240936212
tpc.googlesyndication.com/daca_images/simgad/ Frame 36EB 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/15696933429240936212
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981060307e32f940e64e08f7afb4a3b681dfac27ab79a48afb75153bdec126b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 08:49:30 GMT
x-content-type-options
nosniff
age
144903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89417
x-xss-protection
0
last-modified
Tue, 25 Jun 2019 20:20:57 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 08:49:30 GMT
l
www.google.com/ads/measurement/ Frame 36EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSq9ycLuk0KE5SleSwOLf0XV3zqZKJA2czi_MDATiNCJVt-wfTb0-ojaCZcyf4g_EyYsmz9
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 36EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMMweIew6YOSBCpfUgAfU8q-QDr_mrOZZp9bq_IgKyuLS4LIBEAEg2Yb-ImDRgbmC0AegAc64koMDyAECqQIWlSKLvMuFPuACAKgDAcgDCKoE8wFP0Nop1SuRLxv8rVEzzxjId5AH89EzwnbtRL2tKMmOVWcPdNMTyCMxWmCU6MoNqALu5lksft1OKfMi1bB1XQbg5_Z9lv6xcZHRTn9Nb5vqgsjXWgMoLVMvR0hNe62OkqXaVJO0pH0HjYgERNSlguNUlAcyyRaJkEi1bTb03maEQm2dOXEtn6iLc3dENIev-nVmS57gbQxlz16VcH82k0ulZot8IEAdhDRU6pq--8xLUo4vtZJ_5QTjC_w-9P3-v_Go0kSBZ6-j8xaymTgrdIRxxtwE70TTkdP3K5v3VDzn2BPUzzJSpJj9tilIxsLHy3PrvInABML809KSAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeax-18qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOrbI9IICQiA4YBwEAEYHYAKA8gLAdgTDbIXGgoYCAASFHB1Yi01MTYyNTU5Njk1NTc5NjE0&sigh=A6FDBQWMLuE&tpd=AGWhJmt1u6Q6YuY1lMyDwqtYtlLn9f_nCDtarA6WVvx-4fhiPA
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
insticator
prebid.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://prebid.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_3.27.1
Protocol
H2
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.sltrib.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 28 Feb 2021 01:04:34 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
71704583
age
0
via
1.1 varnish
arj
insticator-d.openx.net/w/1.0/ Frame 9EE1 		172 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sltrib.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=1a193134-18fa-4ecf-b6ba-3c4f279bc7fe&nocache=1614474273745&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&aus=336x280%2C300x250%2C320x50&divIds=div-insticator-ad-3&auid=540834547
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
8561425906e41d692a5e901cff55648c9842d1eb3a293bc7d0d51fce6e589e4d

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ice.360yield.com/ Frame 9EE1 		98 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22406c326ea534af1%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.sltrib.com%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2245bf94f1e51423%22%2C%22pid%22%3A%2222111519%22%2C%22tid%22%3A%2267e01843-5935-4389-a2db-5eb831d2db36%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A336%2C%22h%22%3A280%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4dd3a172535ee3aaee582f984784933028bbdefbeea8eda47e25b68de1d3f686

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Sun, 28 Feb 2021 01:04:33 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
98
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ Frame 9EE1 		19 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:33 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.155:80
AN-X-Request-Uuid
415d7fae-1b77-46cd-be21-498aee7eb4a1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ Frame 9EE1 		0
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
cf-ray
62863b73483d737b-CPH
access-control-allow-headers
Content-Type, Origin
cf-request-id
0887c37c0f0000737b41322000000001
cygnus
htlb.casalemedia.com/ Frame 9EE1 		24 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=297142&v=7.2&r=%7B%22id%22%3A%229a6a62cb04fa16%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210776ae89f33e2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297142%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2211750fa54986133%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297142%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22124c317e9ca864c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297142%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2213a82345223b04f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297142%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f2dbaf8d6327f0b8d21b24353616b8c0bc7115354221b8fc928c444ff04bb238

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DK], RC:[], CN:[EU], CIP:[82.102.20.235], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
10
expires
Sun, 28 Feb 2021 01:04:33 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9EE1 		19 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:33 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.166:80
AN-X-Request-Uuid
8f543959-0dfe-4f49-b65b-0609cc0eebdb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 9EE1 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Sun, 28 Feb 2021 01:04:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
insticator
prebid.technoratimedia.com/openrtb/bids/ Frame 9EE1 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_3.27.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 28 Feb 2021 01:04:34 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
63815280
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ Frame 9EE1 		422 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=18037&pi=3&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sltrib.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.1%22%7D&ogu=null&ns=9216
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d3748bc8fc2eaed9990d160616abd07658f9176839e2e8a5d48266b93dc5e7e4

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
c
prebid.a-mo.net/a/ Frame 9EE1 		780 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
b04d4c1512ceb8c06f4cf1dee35aee38f7fcf951be9578fc4553144ee5822169

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
content-length
339
mvo
tag.1rx.io/rmp/74418/0/ Frame 9EE1 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/74418/0/mvo?z=1r&hbv=3.27.1,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sltrib.com
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:33 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
/
hb.emxdgt.com/ Frame 9EE1 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1614474273759&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 28 Feb 2021 01:04:33 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9EE1 		264 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=156734&zone_id=1022858&size_id=15&alt_size_ids=16%2C43&rp_schain=1.0,1!insticator.com,4cd377bb-c455-40c0-9c7a-667505450792,1,,,&rf=https%3A%2F%2Fwww.sltrib.com%2F&tk_flint=pbjs_lite_v3.27.1&x_source.tid=8c27a5ca-adec-4f8b-adb8-9b1da2a2f11d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3679366340865
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3bc100c0bd07cc5c6f86a2ce69763fc1cf37b855fd5b395e842c3afb46bf6696

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:33 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
264
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 9EE1 		95 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2231ff9984eb5e27e%22%3A%22de61f6d30b17074b027e%7C336x280%2C320x100%2C300x250%2C320x50%22%7D&ref=https%3A%2F%2Fwww.sltrib.com%2F&s=121faacd-8307-4d14-b2ef-6ee33612fa84&pv=8c620519-e987-4d1a-a72d-fc17d7d82ffa&vp=mobile&lib_name=prebid&lib_v=3.27.1&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
24bd9d241796208ea33a147077e7d34fcf19da189102bb10bc3585ec7a50c290
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:33 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 9EE1 		24 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.27.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
44045ac1fa2fc865d22c33e508b042544a3ecc24dc2e3403b669d658af173e31

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 28 Feb 2021 01:04:33 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
prebid
ib.adnxs.com/ut/v3/ Frame 9EE1 		19 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:33 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.237:80
AN-X-Request-Uuid
a900ced9-6bb1-450b-8957-1616567a3c71
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ Frame 9EE1 		66 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.248.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
053eb72b1ddfef4f5c2e4a8b21b8db54cfe5537c44d68dfbdb0aac2cd1cf498e

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
header
hb.aralego.com/ Frame 9EE1 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-7727D7BE33EA9449FB9E9D33B2B88E62&tdid=&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&fp=undefined&host=www.sltrib.com&u=https%3A%2F%2Fwww.sltrib.com%2F&xr=0&ao=https%3A%2F%2Fwww.sltrib.com&ucfUid=98577405-f373-4aa0-bfb8-04a4572ed670&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sltrib.com
Date
Sun, 28 Feb 2021 01:04:34 GMT
Access-Control-Allow-Credentials
true
Connection
close
pixel.gif
dh014lg6uwepv.cloudfront.net/ Frame 9EE1 		35 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1614474273728&site_uuid=136953cb-88f9-48b3-9417-8f28d8a3cf54&hostname=www.sltrib.com&ad_unit=wral.com_Web_300x250_3&impression_type=il&device=desktop&country_code=UNKNOWN
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9e00:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:34 GMT
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
RefreshHit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
_ZTxfSZsKg6BAw2VebzpDhodSEzVzadXV5XZnnvd7K5cxoa6B3RQKQ==
log.gif
includemodal.com/static/ Frame 9EE1 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1614474272965&url=https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1614474273728&site_uuid=136953cb-88f9-48b3-9417-8f28d8a3cf54&hostname=www.sltrib.com&ad_unit=wral.com_Web_300x250_3&impression_type=il&device=desktop&country_code=UNKNOWN&o=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
bid
c.amazon-adsystem.com/e/dtb/ Frame 9EE1 		23 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2F&pid=6KbO8gGiweKBi&cb=0&ws=0x0&v=7.59.00&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fwral.com_Web_300x250_3%22%7D%5D&cfgv=0&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ysPgZEHAJKKrutAB2sqTKsjYox2UoDvIVNxMPKImc56jZZ6nnFZ-7Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9EE1 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
45986
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 29 Jan 2021 06:42:57 GMT
server
AmazonS3
date
Sat, 27 Feb 2021 12:18:18 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
9aoYDmIzmH-4gpxo1Z8OX4WwDpqxcX_diKIEoaz82KFlfWBeErhKQg==
si
googleads.g.doubleclick.net/pagead/drt/ Frame 36EB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Sun, 28 Feb 2021 01:04:33 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
15696933429240936212
tpc.googlesyndication.com/daca_images/simgad/ Frame 36EB 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/15696933429240936212
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981060307e32f940e64e08f7afb4a3b681dfac27ab79a48afb75153bdec126b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 08:49:30 GMT
x-content-type-options
nosniff
age
144903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89417
x-xss-protection
0
last-modified
Tue, 25 Jun 2019 20:20:57 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 08:49:30 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 36EB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 20:46:55 GMT
x-content-type-options
nosniff
server
cafe
age
15458
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 28 Feb 2021 20:46:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 36EB 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
10048
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 28 Feb 2021 22:17:05 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202102241456/ Frame 9EE1 		194 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202102241456/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a4a81f366d8893a0443bb7f93b94177000f070bb2fe0144e04c05633a130620

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:33 GMT
Content-Encoding
gzip
Age
757
X-Cache
HIT
Connection
keep-alive
Content-Length
59455
x-amz-id-2
8rJ7+UEORAIWdRTjaDuu+n+3u9qbcDsW8F6+/CDcOcsNCg0DKmKwe8lxeSc7r48U1wK8WU0gMFI=
X-Served-By
cache-hhn4078-HHN
Last-Modified
Wed, 24 Feb 2021 20:05:16 GMT
Server
AmazonS3
X-Timer
S1614474274.871644,VS0,VE0
ETag
"454fd936b9c1a13739ebad24d7d8059b"
x-amz-request-id
C7E15CFB2DF3BEDF
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
218
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202102241456/ Frame 9EE1 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202102241456/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1d7910eccbd2bda5ba0548cd599a34cec653c417eac8ccd75419846bcd0c53a

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:33 GMT
Content-Encoding
gzip
Age
834
X-Cache
HIT
Connection
keep-alive
Content-Length
27185
x-amz-id-2
jmPHSTdD+k8ayd42Pqq1o5U7QHSFRqvpt4dhTNKoW/YvU4H6y3V3ePRw+vvATuLJRwjaqMoLiDM=
X-Served-By
cache-hhn4078-HHN
Last-Modified
Wed, 24 Feb 2021 20:05:18 GMT
Server
AmazonS3
X-Timer
S1614474274.927269,VS0,VE0
ETag
"596fd560d5b9b5c40060211b38412188"
x-amz-request-id
F33D293141C28D8C
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
230
log.gif
includemodal.com/static/ Frame 9EE1 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1614474272965&url=https://confiant-integrations.global.ssl.fastly.net/gpt/202102241456/wrap.js&o=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 9EE1 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1614474272965&url=https://confiant-integrations.global.ssl.fastly.net/prebid/202102241456/wrap.js&o=https://www.sltrib.com/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:33 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
gen_204
pagead2.googlesyndication.com/pagead/ Frame F5B0 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=689317380850878&bg=!WFulWxjNAAXB_3NtwTsAKQB2-DxavANnkSx3E7lyCiS_zxpLBZW3eZrD35f9evs_nuSWdaeyab2RAgAAAPtSAAAAfGgBBwoAFiTejUdkJjR9fQKJ5Xnt92s5iX9SX1GZAg1hkuaNlp87bVY304LDqL4Nml7FyrbphU98Vzii41iWxd4VJ8VzYvf4GKLke82Jgcslama5R3F-duNg6wIa3hYROgqYF2I8oBrNp4yqC4VkXOOMKb68NQ26_u7_Rk6nNC2qGXPEQieB1pn3e5spAhoa_cYSz7BmLdGEknU9tOYRh1tMe1niN1U2Ap29aBlo257-sKTO_4gkmIg4qUrAgvknCEMPzaGP0YPxxkFolxiUUKPbiMnXBWN9_WIBoEqCg5ODy8kw_1kagyn90FD2PqjumFcXBY220wmX7GLOqPruSbTRwZdnq3ajZAtkwXSK_MwRyXYyOTjOtPfvJe_sgB6rq7hH71Yk90iiwyYXtZANnG7KvvlWrrI4AbFvRKErr0Fd_SKmIldGVxa5TmLekWKQ6YC89aKxldDAJ4Ks0ZbP5d6PGn77W1GpUoZr9lGsT1NfRHqeSSlXi2kWCKGPmPQN2UQ0C0kOe1YYvTkdCdsgyZHr6R-kCQkoQq7Wnp2z4TEyFZIBlkam_mq53AF_d9ULP_ZGGSlbCcowweHyQaP7rw00e2gZEN4pXBbixErjWS21UmqtXQNdn2ytoSUtGWcEAaaXvY7jjonKVy-96yJQtmVFhMMqrAf_CM-UoKlwy9yZHaMx61WbTNe8MRB8profEmw68q4WxYC-0MmFgvoOAd3s2P7i1QMYzRXcsuc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E299 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=3537484951060214&bg=!kJOlk9DNAAXB_3NtwTsAKQB2-DxaJq7GtVv-VaWbXaR5hnQtSynjn6ZR7JzGb9Cl1Fklo6Oh8hmhAgAAAVdSAAAAGmgBBwoANMjp0o42Z3QeUjLZ1kS5BMoTRI3R9Mrco3fCdGYlMSzSC8_hzmQcfEsu40Xpq8Cgc31fslyZAgYxx1WVdzCAdyE0N9Lq-kDV-hfYS2OFx1DbXd_BbAQibaL0PDgPKMKUdtJ4s33FRmHk7VSfBZ2ezuHAGsY3Wl7n4o1gjyjKXHP8vYFbs2nNjqUe1VS1oNhPSaFFUr2Ml8yK9vk59zvsdzFHFGSclVNIXDezd9KzpLcjkYpX4F75ExuinAf9O_a7Yl4lEA5ignT5tGw_pF4yOuVBk3V-6rb9OpDJZ7XaHZJOIdZ-tIJsmN0GavO3enqd-m1CNQ3ZdQmfLCTZDxDQQDI0OfmjGlCnEXDOQnhbLbX9XfyQgezlTFTt1WU49kdoAEhfbI6eiB40qyX2YWA0Ry-fIKZXvUlaYWOs8FodFV3W6ekRd9CAtfdAAiaAmcxjhJFFkKzocWaQZKvCZZciQBfM20KUs2Zq_Ka8TfLitV8BwI6Of-BIIJvN97mVZGmXAhwrBlmVaQ-1flC0zwJjITNAGUm8Bt4IvUl-FK9UFejr5GiSyNh0MAFBqxhh-4JNAXt4wGsd7l5ELyyL2zckbuaNsxjbiUYy0Nx1mC-4ctDwxDU665yxsl-JjxodWjqRd1Satb3Gq2E4PUKz-x7HmvNv_f_BqiU95zvHDq846r-A_tZpwrv9o0UV6e5wPyQ04mWX9Bmp4mH88d-yHliPTMHAfb29fD9WwW4tjlx2gfPy7yYJ02KszpETQXU7Tw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame D0EF 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame D0EF 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame D0EF 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame D0EF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame D0EF 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
183463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D0EF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 20:46:55 GMT
x-content-type-options
nosniff
server
cafe
age
15458
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 28 Feb 2021 20:46:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D0EF 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Feb 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
10048
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 28 Feb 2021 22:17:05 GMT
truncated
/ Frame D0EF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74cd3ed45605474f63118457b06bf7aa574d0db7907c525715cbe7554559ccf3

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
16288207443951105248
tpc.googlesyndication.com/daca_images/simgad/ Frame D0EF 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16288207443951105248
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af031efce3b2dbfae2095475699daaacb3a9d03f35fda811184bfff5d4d1b0e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:44:23 GMT
x-content-type-options
nosniff
age
62410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69845
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 14:03:32 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 07:44:23 GMT
l
www.google.com/ads/measurement/ Frame D0EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvpbkvdk6x7cYhtSqNVtFF_D-T9S2cVxI5kyUOxRd_AEg92dDrzkSUriEi6KRZa1CIJm7x
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame D0EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cv9AnIew6YPu9JNiygQf_5ImgAvni5chhwdbdgrQN5IK7-5oCEAEg2Yb-ImDRgbmC0AegAYrj07YDyAECqQIWlSKLvMuFPuACAKgDAcgDCKoE7wFP0PyNPlEA5n8ZisOlNM8uDDQoYHT-mh4MVwZi4tJbDO1XKKosRHQhHGF5HuybFOg2tyBMUuaA1o4eUHDDdiNMHqx_lFlJ3Gl-xs1aHwR7BrkwJ2nfRyCRuEvh3lXRgXn4LP8iKYQs064l1WgijKZvWZ5IQjbCtac36-p9Y9KuXWFKwM_GKItHnBAIy8-ag6R6zXXOZDqnDey-R9AV9Ge8AsNtHUvZRw1ZZcH5mlYe5r1tKGGL2lcdocgSWg8wIx-U2c2pNSDEhHUwRrbAAsKcGmTnJYhLZZHbtld4VR63cuzaBRB4drpz4CMg1ygp2MAE3vuKsKwD4AQBkgUECAQYAZIFBAgFGASgBgKAB5fGuieoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQr9gw0ggJCIDhgHAQARgdgAoDyAsB2BMNshcaChgIABIUcHViLTUxNjI1NTk2OTU1Nzk2MTQ&sigh=VFuo8CL7eeM&tpd=AGWhJmsD2iiS4X26XWcJ8NEfwOP_QkzaqRcMwApQI3UovTZNag
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame D0EF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Sun, 28 Feb 2021 01:04:33 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9EE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq3iup2VzRxJ224au_Pf1iOZGQ-XeWCuRaWSCOr8gQKY74Qy11FhCjLDbFPQCqVIEktjZkcfbJFx0G46nNw4Fdl18IZyB_XsMwKVs4Y95HvLX7dLVqY5huas1CkACn-iY6Ow_cklnt5xQS0rCYJJu834uW2cgvGzSoOx21ZSGJdKGcpVRZZK_WSUEtxEjtpf2f5ueuvgHMEgp_bwosA5sWZhH71GL1IeGH8Rn5dShT7WIoStj_grJmyXRXwbgQ__DN17GEim2CqPofhTX_eZK1zYejDw0KKwmBxYZHFdQfP1z38RLtM7--jGbT4StCAlGZMW4&sig=Cg0ArKJSzDVOjzoOsGtOEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:34 GMT
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 903C 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_UlEXVkrRNkzP_IUQJPvAg_LGm6FlXNUVjhec7OQrcCRX8JJJicKZDpiqTJY_P9shCCL6eC8i5ftQ4jbAQY0oWwFdaI3OpnExx2n6zoBymDW3Qk4TGrDu4vvN8uvGzlikQUwmLcLX_WRODzDw19mh&sai=AMfl-YRMlR6nuOHIYNSwnY0qgVRwVlbnfFpZCrrY1R4xEFOXxPo5ggFE4eTHjT8QRVW0w5PXk2QSMAb_s1r8IzY32TveyDSq_HQ6aGWqqwf8ihv5NnNzVaWfajpgiyc&sig=Cg0ArKJSzAxw0I_AdxH9EAE&cid=CAASPeRow1bFbqVnJqsyca70ok6-UjsQJ1HERYmQy6ugUSE7asjjVpa05ouIuYXW07SPp4bTdbnFbeJifptNEIE&id=osdim&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210226&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1876508345&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614474273061&dlt=55&rpt=324&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A07F 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMz_oZWuHBM3Z4eDa6TOkiaWSNmvz-HJqkZWV7GMCoGiCMdnvMwd-wHm7tbDEW7blOernzfvupeuTsOymr0icjNDB72FSHl4qmYyAueJU3CoUDpoQ3&sig=Cg0ArKJSzAUzhUYwaJxoEAE&id=osdim&mcvt=1001&p=2220,460,2310,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210226&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1607307675&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614474273206&dlt=0&rpt=107&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
165ab441-afbe-44fd-9cce-d8ebb061621b
https://www.sltrib.com/ 		476 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/165ab441-afbe-44fd-9cce-d8ebb061621b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
476
gpt.js
www.googletagservices.com/tag/js/ Frame 9EE1 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213b9ca5a900159a345f090a85fc24bed8dac9ed54fb205682469fecb53f12d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"797 / 143 of 1000 / last-modified: 1614381521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19359
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:34 GMT
pubads_impl_2021022301.js
securepubads.g.doubleclick.net/gpt/ Frame 9EE1 		290 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202102241456/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Feb 2021 09:41:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104129
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:34 GMT
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
event
event.insticator.com/v1/ Frame 9EE1 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.142.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Sun, 28 Feb 2021 01:04:34 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Server
54.158.142.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://www.sltrib.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 28 Feb 2021 01:04:34 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://www.sltrib.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
integrator.js
adservice.google.de/adsid/ Frame 9EE1 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202102241456/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9EE1 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202102241456/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9EE1 		48 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=6773488466922&correlator=1052876433082296&output=ldjh&impl=fif&eid=31060237%2C21068111&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=27794161%2Cwral.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C320x100%7C300x250%7C250x250%7C320x50&prev_scp=h%3D1%26shb%3D1%26tg%3D0%26amznbid%3D2%26amznp%3D2%26p%3DBTF%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cookie=ID%3Daf3312b7756ee573%3AT%3D1614474271%3AS%3DALNI_Ma0fGtOdACciQnK37FFp87ezygU8w&cdm=www.sltrib.com&bc=31&abxe=1&lmt=1614474274&dt=1614474274664&dlt=1614474272871&idt=1739&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=749415143&ucis=18r44wlmxeu0&ifi=1&ifk=3215379662&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fwww.sltrib.com%2F&top=https%3A%2F%2Fwww.sltrib.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=318633835.1614474268&ga_sid=1614474275&ga_hid=1851174249&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
069f4da518e5b49fe4181fb2da29f9f8fa58560bb51f6de82767596ca3fd5976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13079
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9EE1 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202102241456/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 9EE1 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202102241456/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7C40 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202102241456/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 28 Feb 2021 01:04:34 GMT
expires
Mon, 28 Feb 2022 01:04:34 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log.gif
includemodal.com/static/ Frame F0EF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0dfd2ed8-59d0-402b-ae31-10fbbf344e71&url=https://protected-by.clarium.io%22/%3F&o=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:35 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame F0EF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0dfd2ed8-59d0-402b-ae31-10fbbf344e71&url=https://%22%29%2Cl%3Dp.indexof%28%22/%3F&o=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:35 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
osd.js
www.googletagservices.com/activeview/js/current/ Frame 9EE1 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342938524533"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9EE1 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14cc9990d2d20705c74a9f3da3530bcfe366a90dfb6f8dee22afcc1dd85543b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6537
x-xss-protection
0
spam_signals_bundle_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/spam_signals/ Frame 7C40 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7cb0567c7f8816067f80508b906ccdad89e9e76e05573464926eec5a5276d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:37:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2773
x-xss-protection
0
server
cafe
etag
3338119961263385223
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:37:18 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 7C40 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 01:03:24 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 7C40 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:44:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 7C40 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:58:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C40 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342950420569"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33470
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 7C40 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 00:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 00:41:43 GMT
l
www.google.com/ads/measurement/ Frame 7C40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaStiIDsdXa8YI_ibMfftaVqx9wEt-mamDmnQmfldq6Ty1txiBqoP3K_fG06ETplkYokSn5Fz_WBRQ3HNzwwuHM_f8a4YA
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
5d4b6918ba53c75bacf90c3e9a55021e.js
www.gstatic.com/mysidia/ Frame 7C40 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 14:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Feb 2021 08:27:31 GMT
server
sffe
age
211956
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10833
x-xss-protection
0
expires
Wed, 26 May 2021 14:11:59 GMT
pixel
protected-by.clarium.io/ Frame 7C40 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzIxMjQ4OTY1NjA6MzM2eDI4MA==&v=5&s=v31evj2kq83&id=eyJkZnAiOnsiYWQiOjQ0MjU0NjU4MDMsImMiOm51bGwsImwiOjAsIm8iOjIxMjQ4OTY1NjAsIkEiOiIvMjc3OTQxNjEvd3JhbC5jb21fV2ViXzMwMHgyNTBfMyIsInkiOjIwOTkwNCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC0zIn19&sb=3&cb=1918469&h=www.sltrib.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6SXhNalE0T1RZMU5qQTZNek0yZURJNE1BPT0iLCJ3ZCI6eyJvIjoyMTI0ODk2NTYwLCJ3IjoiMzM2IiwiaCI6IjI4MCJ9LCJ3ciI6Mn0=
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.58.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:35 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9EE1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202102241456/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:04:35 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7C40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0kC5Iuw6YK2fLIqygQewuo-YDqLdxrthkPTmz4UNv-EeEAEg6fe2T2DRgbmC0AegAea4m8kDyAEGqQJuG0K1R0JjPuACAKgDAcgDmwSqBOcBT9Cm_-0jDQjTw62o-hMHAYImeMb5c5__9vjgr5Mnf8sjIG8ZNoMaldSvHc2bk8Jn5dathu886WE2N9V6k9t6GN16ejofY1NGoUEz2we7AUBETwv1ZbY4vuc4gR1VNGqimcQpl44tfNZEuQhfwL_34rlTTX1Mg5odJUMZ0qfINumFWCBRh_mClM4AweL4J2LK7YBIDaABWOPMf21rJO1Zxzhu94Fyv_b0RYcmL1tjF4xBkCbFDlO-7mEcb-aHh4tkabsSL5gXclDs4n5fHpcSR9pNLdQrzlI3UsWWjGi37Rtgk27cS2C6wAT-5rf9uQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHg_7KNagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHAxCzQ9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMjQxOTEyOTY2MTUxMjgxMoAKA8gLAdgTDbIXGgoYCAASFHB1Yi03NjMwOTYxMTYzNjQzMTM3&sigh=VT--ujCKkTM&template_id=492&tpd=AGWhJmsGA7-9BJaDdhMqVLxfExIn4cOjbCVK2Ps5v4oyA3ostA
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6EFB 		1 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 27 Feb 2021 15:30:58 GMT
expires
Sun, 28 Feb 2021 15:30:58 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
34417
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame ECA3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202102241456/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 28 Feb 2021 00:42:46 GMT
expires
Mon, 28 Feb 2022 00:42:46 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1309
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
current
dclk-match.dotomi.com/match/bounce/ Frame 6EFB 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAaRGOVt1x62HBiPoTJ2rmg&google_cver=1&google_push=AQvitULdz20yWGfzV4JXilbNLlKVGdbIdo3OfEy5BwmWgZS4BK_kCwnKxdbehd1YsLZcw-t_SM1mu_Q2gqluFCLtKNFY_TyGF8Y
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 6EFB
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPx5uqAOmBpCYgkcLfmOXRM&google_cver=1&google_push=AQvitULQB-hztaCEfrxvcaRfbRWExQrZehUYUK6VrCqA60i3F2VaAwqZP7yR8-Ed-734GPl8BMmW2z6sBGbjqaKyEQY9_wNmuQ
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULQB-hztaCEfrxvcaRfbRWExQrZehUYUK6VrCqA60i3F2VaAwqZP7yR8-Ed-734GPl8BMmW2z6sBGbjqaKyEQY9_wNmuQ&google_hm=nMgf1ZYEgMyjH4q2LZ8wzg==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULQB-hztaCEfrxvcaRfbRWExQrZehUYUK6VrCqA60i3F2VaAwqZP7yR8-Ed-734GPl8BMmW2z6sBGbjqaKyEQY9_wNmuQ&google_hm=nMgf1ZYEgMyjH4q2LZ8wzg==
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULQB-hztaCEfrxvcaRfbRWExQrZehUYUK6VrCqA60i3F2VaAwqZP7yR8-Ed-734GPl8BMmW2z6sBGbjqaKyEQY9_wNmuQ&google_hm=nMgf1ZYEgMyjH4q2LZ8wzg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
8kkn200j8lttl0mejmsgi3ngf5s318rc
pixel
cm.g.doubleclick.net/ Frame 6EFB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJgGqmekrm1OSju1B79KdX0&google_cver=1&google_push=AQvitULl27xjtqxuQQDG2ecGTRLVcrc1gshV0PKVz7iExoxxPSRum17MZwJ6UvpOc-4V7NHySHn...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xPR0FPM1QtOC1FMzQx&google_push=AQvitULl27xjtqxuQQDG2ecGTRLVcrc1gshV0PKVz7iExoxxPSRum17MZwJ6UvpOc-4V7NHySHnh0IfV9Jx98r4TDjGoLZWElHo
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xPR0FPM1QtOC1FMzQx&google_push=AQvitULl27xjtqxuQQDG2ecGTRLVcrc1gshV0PKVz7iExoxxPSRum17MZwJ6UvpOc-4V7NHySHnh0IfV9Jx98r4TDjGoLZWElHo
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xPR0FPM1QtOC1FMzQx&google_push=AQvitULl27xjtqxuQQDG2ecGTRLVcrc1gshV0PKVz7iExoxxPSRum17MZwJ6UvpOc-4V7NHySHnh0IfV9Jx98r4TDjGoLZWElHo
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6EFB
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKX9pF_ySpXEWgTi6Pygn5I&google_cver=1&google_push=AQvitUKyal0gLLl0hAl-VMFnifg5ZNA34voHKPOZg-mj9rYq4NNUlgsLWEDHmclsVgqd6tRQ_hzOODrvMh8cpW-UF...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKX9pF_ySpXEWgTi6Pygn5I&google_cver=1&google_push=AQvitUKyal0gLLl0hAl-VMFnifg5ZNA34voHKPOZg-mj9rYq4NNUlgsLWEDHmclsVgqd6tRQ_hzOODrvMh8cpW-UF...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKyal0gLLl0hAl-VMFnifg5ZNA34voHKPOZg-mj9rYq4NNUlgsLWEDHmclsVgqd6tRQ_hzOODrvMh8cpW-UF8EA383_u2M&google_hm=6dce3330b22f3594af03f2ea
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKyal0gLLl0hAl-VMFnifg5ZNA34voHKPOZg-mj9rYq4NNUlgsLWEDHmclsVgqd6tRQ_hzOODrvMh8cpW-UF8EA383_u2M&google_hm=6dce3330b22f3594af03f2ea
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 28 Feb 2021 01:04:35 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKyal0gLLl0hAl-VMFnifg5ZNA34voHKPOZg-mj9rYq4NNUlgsLWEDHmclsVgqd6tRQ_hzOODrvMh8cpW-UF8EA383_u2M&google_hm=6dce3330b22f3594af03f2ea
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6EFB
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEJhnlirPZv0R_cBooIRVZAQ&google_cver=1&google_push=AQvitUJ85Te4K0eqvY9N7VM26QddABhX8ZkdXI30NzqkyZGiltVHui5TBoUzS4vLh4i8vzAIDrLu4pUDD-K-vk_kNE-QQx...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=d3d4-WOGRRCnqOWICUyEsg&google_push=AQvitUJ85Te4K0eqvY9N7VM26QddABhX8ZkdXI30NzqkyZGiltVHui5TBoUzS4vLh4i8vzAIDrLu4pUDD-K-vk_...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=d3d4-WOGRRCnqOWICUyEsg&google_push=AQvitUJ85Te4K0eqvY9N7VM26QddABhX8ZkdXI30NzqkyZGiltVHui5TBoUzS4vLh4i8vzAIDrLu4pUDD-K-vk_kNE-QQxWkxZ0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=d3d4-WOGRRCnqOWICUyEsg&google_push=AQvitUJ85Te4K0eqvY9N7VM26QddABhX8ZkdXI30NzqkyZGiltVHui5TBoUzS4vLh4i8vzAIDrLu4pUDD-K-vk_kNE-QQxWkxZ0
date
Sun, 28 Feb 2021 01:04:35 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 6EFB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULuvUgZIyEUZrYJgLU3XlCGGp6Mv4izY8lHvbrpWGmOdJV8UJ97ncrUs4X1CIRGDzxeEc1pHKNdKvXEwlwfaSnWHDq3CS4&google_hm=
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULuvUgZIyEUZrYJgLU3XlCGGp6Mv4izY8lHvbrpWGmOdJV8UJ97ncrUs4X1CIRGDzxeEc1pHKNdKvXEwlwfaSnWHDq3CS4&google_hm=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:35 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULuvUgZIyEUZrYJgLU3XlCGGp6Mv4izY8lHvbrpWGmOdJV8UJ97ncrUs4X1CIRGDzxeEc1pHKNdKvXEwlwfaSnWHDq3CS4&google_hm=
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6EFB
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMDs4OkJdmbs07-OiKBXIsk&google_cver=1&google_push=AQvitUIoCoa0NorMoqpTzCDuYqGGP34e8WM8xcrpScnx1BkZh9__Kq5zP1TEn7J4hGh8SclWZfwgtf...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUIoCoa0NorMoqpTzCDuYqGGP34e8WM8xcrpScnx1BkZh9__Kq5zP1TEn7J4hGh8SclWZfwgtfdW38eQycnQdAK-Vj6vFQ&google_hm=OTA5MDgyMDEx...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUIoCoa0NorMoqpTzCDuYqGGP34e8WM8xcrpScnx1BkZh9__Kq5zP1TEn7J4hGh8SclWZfwgtfdW38eQycnQdAK-Vj6vFQ&google_hm=OTA5MDgyMDExNjM3MTgxNjYzMA%3D%3D
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUIoCoa0NorMoqpTzCDuYqGGP34e8WM8xcrpScnx1BkZh9__Kq5zP1TEn7J4hGh8SclWZfwgtfdW38eQycnQdAK-Vj6vFQ&google_hm=OTA5MDgyMDExNjM3MTgxNjYzMA%3D%3D
date
Sun, 28 Feb 2021 01:04:35 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 6EFB 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIYVQpDX6wYvXA4Q7B7ed0eQLlcDkUJJqZVlkVeO11_kGjK9G2Man4Kzt1y7jibY8VpJBh
Requested by
Host: 656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
URL: https://656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:35 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js
pagead2.googlesyndication.com/bg/ Frame ECA3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 20:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
102462
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6212
x-xss-protection
0
expires
Sat, 26 Feb 2022 20:36:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EE1 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=6773488466922&bg=!np2lnd7NAAXB_3NtwTsAKQB2-Dxaj075_m44LnTgLKuALN5KuXR8gzxQHdiVoeKiAPK9cdycwW8tAgAAAGxSAAAAD2gBBwoBAQG6_JdQGmuWBn4MZaWlICOhZjqpcMgM5tt8nWVWoJeUKB0YzDdLkLDG0qPhkZX1MzCVy_fLiIv6PJ9VtIvHl_mTNknxfJq1jk-WaF0jgwyfyVFLdfKsM0Y4nQ8os544gq2Q5V7EMWWgRIz2JSzZn_Yzrs530bgD0zqMM_5tBL53zTTdXFI5u5dzwcyGZTJ2-yzdvbbE1r1QGzMootScdZ5w6UAaVSZCEhLtb8yqpa8QjW8sTe5yPS-iJPybDWzdnbLmw3gy_X6eNFJs4G9JRTYPokSjDDI4gXvrtIAop4yg-KLC_GwmZPOEHKLRLeNnlipznnquf7pnbhzrAcMxUT8vmQIquTnfKO2o28xf3zfZCyv3RnRfsydCFjovbY0tpGkmJNGCSgO0KL0mkaXa3078EgWMyYZBtXt6vjBOf4GEGoTWe76fbEDEncYdGzBM3aAxH8fOcYUbqph4UX1NWGESQw2SwhEtyo69nVwTQv38HkjtVQlmm1pfP17YS23ATVGtqjVi_XZ8jblenT3be6ONsyE1g08WUtiS8VkrOY1z_x5q6htGG3Ctrv_HDtgDZfUzNeX5C8OeNn3M_tmdA3kXqrlhH2b50vyBIldm7d9JyUaaL8iTVUznjylb6eXvn2VscjiAJOhIgNnBlk9BTEOfWmSHBsAH6qgpfcVvpAvzZnPiFZHc1CzfplNnMD_sbqY-9rd6jAyOTUcgOQzBpna0aV3JRfFG54FtGYorK-_3oEk7kVHr835TiIw9NHF_euCZK6Ys3Wq6bH7IBOO92UJ7-COFGk4XAN7NS-4QaDOImbaH1328ctWZmJK5nVY9NwrcAaqbKpsnekjrtrXzbGYBsbHfWlwSUNskZcl8I-9Y3R7FHHQHYQTq8txfRmj188uoNWOigTminXSsDquiZL8npveCfJ5xZ5Q3Zy9ZfjwMBrCbnpXN_5HhNRi-FS4M21i8ry42r05HRJTZO8fpG_O-mfJplxRyFgM-l_3kMM9lpWLJuGf6y7CEDWAxUGgYM5xGlxtPjM22kJiGMcubmVZHg1v-mZjCd2E8kz_kGGYx9HuMgFs_M27-zVyqhL8
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
x.yieldlift.com/ Frame E299
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24E...
  • https://cs.emxdgt.com/umcheck?apnxid=5903572975545028132&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID
  • https://x.yieldlift.com/setuid?bidder=emx_digital&uid=5903572975545028132brt222551614474275745334f1
0
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=emx_digital&uid=5903572975545028132brt222551614474275745334f1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.21.136 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

location
https://x.yieldlift.com/setuid?bidder=emx_digital&uid=5903572975545028132brt222551614474275745334f1
date
Sun, 28 Feb 2021 01:04:35 GMT
content-length
0
content-type
text/html
sync.php
pixel.rubiconproject.com/exchange/ Frame E299 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
dds
rtb.openx.net/sync/ Frame E299
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=nMgf1ZYEgMyjH4q2LZ8wzg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
0a4luqpqvrp0ccpejlf5io128gqfdnos

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
x.yieldlift.com/ Frame E299
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.yieldlift.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D%2524UID
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2868501285207855889
0
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2868501285207855889
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.21.136 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:35 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid
747a94ef-c247-461b-90bb-09b6d2a313fe
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2868501285207855889
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
x.yieldlift.com/ Frame E299
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D
  • https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=OPTOUT
0
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=OPTOUT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.21.136 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:35 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
us.gif
sync.go.sonobi.com/ Frame E299 		49 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:35 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
dds
rtb.openx.net/sync/ Frame F5B0
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=nMgf1ZYEgMyjH4q2LZ8wzg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
lgo8r01mvkrhsf238hqlnvimr6mqg0tk

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame F5B0 		49 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:35 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
x.yieldlift.com/ Frame F5B0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.yieldlift.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D%2524UID
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=5903572975545028132
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=5903572975545028132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.21.136 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:35 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.122:80
AN-X-Request-Uuid
62cd10ea-f412-4985-98b5-4f524135d58e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=5903572975545028132
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
x.yieldlift.com/ Frame F5B0
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24E...
  • https://cs.emxdgt.com/umcheck?apnxid=5903572975545028132&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID
  • https://x.yieldlift.com/setuid?bidder=emx_digital&uid=5903572975545028132brt222551614474275745334f1
0
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=emx_digital&uid=5903572975545028132brt222551614474275745334f1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.21.136 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

location
https://x.yieldlift.com/setuid?bidder=emx_digital&uid=5903572975545028132brt222551614474275745334f1
date
Sun, 28 Feb 2021 01:04:35 GMT
content-length
0
content-type
text/html
setuid
x.yieldlift.com/ Frame F5B0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D
  • https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=OPTOUT
0
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=OPTOUT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.21.136 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:35 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
sync.php
pixel.rubiconproject.com/exchange/ Frame F5B0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:37 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
st
capi.connatix.com/tr/ Frame A87A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=104830
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.204.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 28 Feb 2021 01:04:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
369.json
id5-sync.com/g/v2/ Frame 9EE1 		606 B
926 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json?gdpr_consent=&gdpr=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.22 , France, ASN16276 (OVH, FR),
Reverse DNS
p09.id5-sync.com
Software
/
Resource Hash
6e1b4d56ffa145f77c6f76df3ddcbfb6737f8df766bfccfb2292c7736905cf0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sltrib.com
Date
Sun, 28 Feb 2021 01:04:55 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 9EE1 		0
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
148.207.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
index.html
cdn.districtm.io/ids/ Frame A5C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
set-cookie
__cfduid=d364218f19080305cb28040ec011a267a1614474280; expires=Tue, 30-Mar-21 01:04:40 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
0887c395f20000737b36190000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
62863b9cb840737b-CPH
sync.html
cdn.aralego.net/ucfad/cookie/ Frame B577 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
content-type
text/html
set-cookie
__cfduid=dc5b7f0414ade884edd544f70e0d016c01614474280; expires=Tue, 30-Mar-21 01:04:40 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
6533
cf-request-id
0887c395fe00004de8fda34000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UakqO%2B3wD1Pm91XNcJOBen1HtNPvGNTegpr1P2cqwDjVk6xpfQkelKZYd98XDM%2BRy%2BawJt7alYmvrja3yJABlrr%2BeHLXSOP89qH8Apq8yy6nWvRu9ZuzjXbRidM%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
62863b9cc87c4de8-FRA
content-encoding
br
Cookie set check.html
biddr.brealtime.com/ Frame 5323 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sltrib.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d8fc906baae2402f242cd02c6154e10a31614474280; expires=Tue, 30-Mar-21 01:04:40 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
uReFd/UqI7JjrlgWJAxnIxML3AQVtaGYAP8/JK0Q28FkeXJwGRDICFM4+q+jF+OBQWMYLC5ZiFg=
x-amz-request-id
4564552171D75343
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
3626
Expires
Sun, 28 Feb 2021 01:05:40 GMT
Cache-Control
public, max-age=60
cf-request-id
0887c39625000010c562300000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
62863b9d0e0810c5-CPH
Content-Encoding
gzip
pd
eu-u.openx.net/w/1.0/ Frame 9495
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
668 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
7c431365487518b64fc480eb7c1c0e033ff3949165bc2ebb6049c15bfc8ea838

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=2cfbfc3e-84fa-0f49-2f1b-5ef57bab60ea|1614474280
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=2cfbfc3e-84fa-0f49-2f1b-5ef57bab60ea|1614474280; Version=1; Expires=Mon, 28-Feb-2022 01:04:40 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614474280|gekin0vNiygu; Version=1; Expires=Mon, 15-Mar-2021 01:04:40 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 28 Feb 2021 01:04:40 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=2cfbfc3e-84fa-0f49-2f1b-5ef57bab60ea|1614474280; Version=1; Expires=Mon, 28-Feb-2022 01:04:40 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
date
Sun, 28 Feb 2021 01:04:40 GMT
content-length
0
via
1.1 google
alt-svc
clear
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 3A7C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_3.27.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6B2) /
Resource Hash
688e1a13a6ab7e1a00ca53de2288ddc2abcaedb690040b04803cd22ce9334332

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html?src=prebid_prebid_3.27.1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
841
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Sun, 28 Feb 2021 01:04:40 GMT
etag
"41cc-5b96de62f8100"
expires
Sun, 28 Feb 2021 01:19:40 GMT
last-modified
Thu, 21 Jan 2021 19:15:48 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (ska/F6B2)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
244023359
content-length
5388
ixmatch.html
js-sec.indexww.com/um/ Frame 65FA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sltrib.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sun, 28 Feb 2021 01:04:40 GMT
Content-Length
1151
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 2AC2 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sltrib.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Sun, 28 Feb 2021 01:04:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame E552 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d3IMIqZxWr6j9iaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-110.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=d3IMIqZxWr6j9iaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Sun, 28 Feb 2021 01:04:39 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame C010 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sltrib.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=26520
Expires
Sun, 28 Feb 2021 08:26:40 GMT
Date
Sun, 28 Feb 2021 01:04:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9926 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sltrib.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sltrib.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 24 Feb 2021 05:50:24 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 28 Feb 2021 01:04:40 GMT
Age
69249
X-Served-By
cache-lga21946-LGA, cache-fra19151-FRA
X-Cache
HIT, HIT
X-Cache-Hits
4, 382531
X-Timer
S1614474281.516709,VS0,VE0
Vary
Accept-Encoding
setuid
prebid.a-mo.net/ Frame 9EE1
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4ef1a2df-1790-4066-9b45-39436a39a8bf%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4ef1a2df-1790-4066-9b45-39436a39a8bf%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=sovrn&uid=1acc9285b0b6ce3cf8ab2bd1
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=sovrn&uid=1acc9285b0b6ce3cf8ab2bd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=sovrn&uid=1acc9285b0b6ce3cf8ab2bd1
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame 9EE1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4ef1a2df-1790-4066-9b45-39436a39a8bf%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D4ef1a2df-1790-4066-9b45-39436a39a8bf%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID
  • https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=appnexus&uid=5243682155294693262
0
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=appnexus&uid=5243682155294693262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.166:80
AN-X-Request-Uuid
26b2a28f-a01e-40d0-a2ed-1c3756721647
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=appnexus&uid=5243682155294693262
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid.a-mo.net/ Frame 9EE1
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4ef1a2df-1790-4066-9b45-39436a39a8bf%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4ef1a2df-1790-4066-9b45-39436a39a8bf%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1
  • https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=index_rtb&uid=YDrsKK3FMc.5ru-x8mYm0gAA%261841
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=index_rtb&uid=YDrsKK3FMc.5ru-x8mYm0gAA%261841
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:39 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=4ef1a2df-1790-4066-9b45-39436a39a8bf&D=&bidder=index_rtb&uid=YDrsKK3FMc.5ru-x8mYm0gAA%261841
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Sun, 28 Feb 2021 01:04:40 GMT
pixel
cm.g.doubleclick.net/ Frame 9EE1
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_660d08a4-b024-4e07-a5b7-fa37cf07b2ce&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_660d08a4-b024-4e07-a5b7-fa37cf07b2ce&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOx29YJpoKjwFYFA-3C-N6P7xPf7xDqeJJYcrbCw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOx29YJpoKjwFYFA-3C-N6P7xPf7xDqeJJYcrbCw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=15e93bda-b2fd-43ed-8eeb-0c442e267dd8&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/7/3.gif?puid=cfe0c5daac2917a9a7714145038b4845&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/101/6/4.gif?puid=592a0694-13c4-42c0-85a3-a754b45c8beb&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://id5-sync.com/c/441/108/5/5.gif?puid=efd950b4-7960-11eb-afe8-5a9a02d33f5c&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/112/4/6.gif?puid=41AAB74D99705222&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F3%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F3%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F3%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/3/7.gif?puid=88055fd6-d376-4b05-b7cf-c9b52722e554&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F398%2F2%2F8....
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2ZlMGM1ZGFhYzI5MTdhOWE3NzE0MTQ1MDM4YjQ4NDU&google_redir=https://id5-sync.com/c/441/398/2/8.gif?puid=Y2ZlMGM1ZGFhYzI5MTdhOWE3NzE0M...
0
0
log.gif
includemodal.com/static/ Frame F0EF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0dfd2ed8-59d0-402b-ae31-10fbbf344e71&url=https://cdn.districtm.io/ids/index.html%3F&o=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame F0EF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0dfd2ed8-59d0-402b-ae31-10fbbf344e71&url=https://cdn.aralego.net/ucfad/cookie/sync.html%3F&o=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame F0EF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0dfd2ed8-59d0-402b-ae31-10fbbf344e71&url=https://biddr.brealtime.com/check.html%3F&o=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame F0EF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0dfd2ed8-59d0-402b-ae31-10fbbf344e71&url=https://ad-cdn.technoratimedia.com/html/usersync.html%3Fsrc%3Dprebid_prebid_3.27.1&o=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame F0EF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0dfd2ed8-59d0-402b-ae31-10fbbf344e71&url=https://js-sec.indexww.com/um/ixmatch.html%3F&o=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame F0EF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0dfd2ed8-59d0-402b-ae31-10fbbf344e71&url=https://ssc-cms.33across.com/ps/%3Fm%3Dxch%26amp%253Brt%3Dhtml%26amp%253Bru%3Ddeb%26amp%253Bid%3Dd3IMIqZxWr6j9iaKkGJozW%26amp%253Bgdpr_consent%3Dundefined%26amp%253Bus_privacy%3Dundefined&o=https://www.sltrib.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.148.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 2ED8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f292f34c547d0d49e91717572a8ad86fb80eb9c8a17eed0dbc808ec4badd5eb8

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/um/ixmatch.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=233; CMID=YDrsKAzmuBptNci-Y3L7TQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://js-sec.indexww.com/um/ixmatch.html

Response headers

Server
Apache
Content-Type
text/html
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1594
Expires
Sun, 28 Feb 2021 01:04:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
Connection
keep-alive
Set-Cookie
CMID=YDrsKAzmuBptNci-Y3L7TQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 28 Feb 2022 01:04:40 GMT CMPS=233;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 29 May 2021 01:04:40 GMT CMPRO=1855;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 29 May 2021 01:04:40 GMT CMRUM3=da603aec2827600&39603aec2805a00&dd603aec2827600&f1603aec2805a00&2d603aec2805a0&27603aec280b40&e6603aec2827600&c4603aec2805a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 28 Feb 2022 01:04:40 GMT CMST=YDrsKGA67CgA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Mar 2021 01:04:40 GMT

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 28 Feb 2021 01:04:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
Connection
keep-alive
Set-Cookie
CMID=YDrsKAzmuBptNci-Y3L7TQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 28 Feb 2022 01:04:40 GMT CMPS=233;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 29 May 2021 01:04:40 GMT
idsync
sync.aralego.com/ Frame B577 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://cdn.aralego.net/ucfad/cookie/sync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 2AC2 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28443
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Sun, 28 Feb 2021 08:58:43 GMT
async_usersync
ib.adnxs.com/ Frame 9926 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80
AN-X-Request-Uuid
aea812a0-d6a1-4f90-b627-79eb72910b9e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C010 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4177e4185f552510ca9b7e4f407850a662984f6198bdbdcf59d65f70ef537f6e

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
khaos.jpg
token.rubiconproject.com/ Frame 2AC2 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
sd
eu-u.openx.net/w/1.0/ Frame 9495
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b94b603a-ec28-4400-8524-7917fdc7ba53
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b94b603a-ec28-4400-8524-7917fdc7ba53
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b94b603a-ec28-4400-8524-7917fdc7ba53
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 28 Feb 2021 01:04:39 GMT
sd
us-u.openx.net/w/1.0/ Frame 9495
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cjoORSFpDxxpMw0ddzwQHSE8CEJpaAhCcm-H-IEz
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cjoORSFpDxxpMw0ddzwQHSE8CEJpaAhCcm-H-IEz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cjoORSFpDxxpMw0ddzwQHSE8CEJpaAhCcm-H-IEz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9495
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7114308468341580987
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7114308468341580987
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7114308468341580987
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 9495 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=ff57c367-2d7d-30be-75cd-961d1f8c5317&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.225.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9495
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDMzODEwYWQtZTQwYS02ZTFhLTYwMmQtY2NhNGQ1NmU5ZDc3
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDMzODEwYWQtZTQwYS02ZTFhLTYwMmQtY2NhNGQ1NmU5ZDc3&google_tc=
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDMzODEwYWQtZTQwYS02ZTFhLTYwMmQtY2NhNGQ1NmU5ZDc3&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDMzODEwYWQtZTQwYS02ZTFhLTYwMmQtY2NhNGQ1NmU5ZDc3&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9495
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDz2g_1Cd4OTnxUnt-E2meY&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDz2g_1Cd4OTnxUnt-E2meY&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDz2g_1Cd4OTnxUnt-E2meY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/1.22.2/234175/AGDXELUNEeNUUZK2/postback?de=2&pv=7bff1dab-0531-492f-a8cf-47342679b943&ci=234175&ap=undefined&pp=100212&ui=00000000-0000-0000-0000-000000000000&md=2&sr=connatix.com&ti=x725249833209048290060919046144&to=3&dt=2341751597675869250012&di=www.sltrib.com&sid=AGDXELUNEeNUUZK2&oz_sc=aca1e1f87841ca039c3b34a6&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 28 Feb 2021 01:04:40 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
dcm
s.amazon-adsystem.com/ Frame 2ED8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDrsKAzmuBptNci_Y3L7TQAABz8AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDrsKAzmuBptNci_Y3L7TQAABz8AAAIB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDrsKAzmuBptNci_Y3L7TQAABz8AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:41 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDrsKAzmuBptNci_Y3L7TQAABz8AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2ED8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YDrsKAzmuBptNci_Y3L7TQAABz8AAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJyaSDoZXaNmcKySyWlF2JU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJyaSDoZXaNmcKySyWlF2JU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 28 Feb 2021 01:04:40 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJyaSDoZXaNmcKySyWlF2JU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2ED8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDrsKAzmuBptNci-Y3L7TQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENZu__YfjyWg1LQ43qXoGwM&google_cver=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENZu__YfjyWg1LQ43qXoGwM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 28 Feb 2021 01:04:40 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENZu__YfjyWg1LQ43qXoGwM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2ED8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&gdpr=1&cm_user_id=YDrsKAzmuBptNci-Y3L7TQAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.225.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
demconf.jpg
dpm.demdex.net/ Frame 2ED8
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YDrsKAzmuBptNci-Y3L7TQAA%261855
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YDrsKAzmuBptNci-Y3L7TQAA%261855
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YDrsKAzmuBptNci-Y3L7TQAA%261855
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.151.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-151-98.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v089-0fb9775a1.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
LnCa0MZ1TqQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
cUnWzbfcTho=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YDrsKAzmuBptNci-Y3L7TQAA%261855
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2ED8
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471592924760813
43 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471592924760813
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 28 Feb 2021 01:04:40 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471592924760813
Server
Jetty(9.0.6.v20130930)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpid=YDrsKAzmuBptNci-Y3L7TQAA%261855
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 2ED8
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YDrsKAzmuBptNci-Y3L7TQAA%261855
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YDrsKAzmuBptNci-Y3L7TQAA%261855
49 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YDrsKAzmuBptNci-Y3L7TQAA%261855
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-248-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.182
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YDrsKAzmuBptNci-Y3L7TQAA%261855
cache-control
no-cache
x-server
10.45.3.224
content-length
0
expires
0
us.php
gu.dyntrk.com/adx/ie/ Frame 2ED8 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
proxy0393.eu3.dynfactory.com
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2ED8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YDrsKAzmuBptNci-Y3L7TQAA%261855
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1204
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 28 Feb 2021 01:24:44 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 38D5 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sun, 28 Feb 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1151
date
Sun, 28 Feb 2021 01:04:39 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 3FBD
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6275921595324111578
42 B
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6275921595324111578
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=95054:2; KADUSERCOOKIE=721641DE-7FB1-460A-A246-ACD00D1CC621; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1617062400%3A203%7C1615075200%3A2_15_67%7C1615766400%3A35%7C1615680000%3A161_7_81_204_99_21_13_54_5_88_189_165_220_22_166_55_222_56_223_71_3_8_176_78%7C1615334400%3A63; KRTBCOOKIE_57=22776-5243682155294693262; PugT=1614474280; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_336=5844-6275921595324111578; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 01:04:40 GMT; path=/ PugT=1614474280; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 01:04:40 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 01:04:40 GMT; path=/
X-lat
Pug23025:0:354
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6275921595324111578
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 7343
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACB207AddgAABHP5aES5g
42 B
977 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACB207AddgAABHP5aES5g
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=95054:2; KADUSERCOOKIE=721641DE-7FB1-460A-A246-ACD00D1CC621; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1617062400%3A203%7C1615075200%3A2_15_67%7C1615766400%3A35%7C1615680000%3A161_7_81_204_99_21_13_54_5_88_189_165_220_22_166_55_222_56_223_71_3_8_176_78%7C1615334400%3A63; KRTBCOOKIE_57=22776-5243682155294693262; PUBMDCID=3; KRTBCOOKIE_336=5844-6275921595324111578; KRTBCOOKIE_409=22966-diUPaDUP8dth16AJPTyFWY_A&KRTB&23212-diUPaDUP8dth16AJPTyFWY_A; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_107=1471-uid:65ULUwOJ1LgavK5; PugT=1614474280
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_699=22727-AACB207AddgAABHP5aES5g; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 01:04:40 GMT; path=/ PugT=1614474280; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 01:04:40 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 01:04:40 GMT; path=/
X-lat
Pug23048:0:282
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACB207AddgAABHP5aES5g
Server
nginx
set-cookie
bito=AACB207AddgAABHP5aES5g; Domain=bidr.io; expires=Tue, 29 Mar 2022 20:04:40 GMT; Path=/; SameSite=None; Secure bitoIsSecure=ok; Domain=bidr.io; expires=Tue, 29 Mar 2022 20:04:40 GMT; Path=/; SameSite=None; Secure checkForPermission=""; Domain=bidr.io; expires=Thu, 01 May 2008 00:00:00 GMT; Path=/; SameSite=None; Secure
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 834D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6934114232839501975
42 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6934114232839501975
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=95054:2; KADUSERCOOKIE=721641DE-7FB1-460A-A246-ACD00D1CC621; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1617062400%3A203%7C1615075200%3A2_15_67%7C1615766400%3A35%7C1615680000%3A161_7_81_204_99_21_13_54_5_88_189_165_220_22_166_55_222_56_223_71_3_8_176_78%7C1615334400%3A63; KRTBCOOKIE_57=22776-5243682155294693262; PugT=1614474280; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Sun, 28 Feb 2021 01:04:39 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_1101=23040-6934114232839501975; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 01:04:39 GMT; path=/ PugT=1614474279; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 01:04:39 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 01:04:39 GMT; path=/
X-lat
Pug23032:0:276
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Server
nginx
Date
Sun, 28 Feb 2021 01:04:40 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6934114232839501975; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6934114232839501975
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 85B8
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=diUPaDUP8dth16AJPTyFWY_A
42 B
1015 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=diUPaDUP8dth16AJPTyFWY_A
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=95054:2; KADUSERCOOKIE=721641DE-7FB1-460A-A246-ACD00D1CC621; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1617062400%3A203%7C1615075200%3A2_15_67%7C1615766400%3A35%7C1615680000%3A161_7_81_204_99_21_13_54_5_88_189_165_220_22_166_55_222_56_223_71_3_8_176_78%7C1615334400%3A63; KRTBCOOKIE_57=22776-5243682155294693262; PugT=1614474280; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_409=22966-diUPaDUP8dth16AJPTyFWY_A&KRTB&23212-diUPaDUP8dth16AJPTyFWY_A; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 01:04:40 GMT; path=/ PugT=1614474280; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 01:04:40 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 01:04:40 GMT; path=/
X-lat
Pug23028:0:305
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

server
openresty
date
Sun, 28 Feb 2021 01:04:40 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=diUPaDUP8dth16AJPTyFWY_A; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=diUPaDUP8dth16AJPTyFWY_A
strict-transport-security
max-age=0; includeSubDomains;
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 3CD4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=95054:2; KADUSERCOOKIE=721641DE-7FB1-460A-A246-ACD00D1CC621; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1617062400%3A203%7C1615075200%3A2_15_67%7C1615766400%3A35%7C1615680000%3A161_7_81_204_99_21_13_54_5_88_189_165_220_22_166_55_222_56_223_71_3_8_176_78%7C1615334400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Sun, 28 Feb 2021 01:04:39 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 01:04:39 GMT; path=/ PugT=1614474279; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 01:04:39 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 01:04:39 GMT; path=/
X-lat
Pug23046:0:242
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Server
Tengine
Date
Sun, 28 Feb 2021 01:04:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, must-revalidate
Expires
0
Pragma
no-cache
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
ETag
OPTOUT
bridge
cm.adgrx.com/ Frame 8440 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-3
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame C71A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aunoeUwl6hmbQQw9PCZdmZaWRE7PVa2qdqGyaOP9XW
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

date
Sun, 28 Feb 2021 01:04:41 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=dbf8ea60b8410665f4fa87ff2c09403da1614474280; expires=Tue, 30-Mar-21 01:04:40 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a4nsIHSZdIiiSTnMSYlNjQMXtnfpiX3eJZccMSZdHZasO80nrkXF15yFbKCIqy5vfWiKKcZaLZcUQpnSkcMuVaQEdASTEJ; path=/; domain=.tribalfusion.com; expires=Sat, 29-May-2021 01:04:41 GMT; SameSite=None; Secure; ANON_ID_old=a4nsIHSZdIiiSTnMSYlNjQMXtnfpiX3eJZccMSZdHZasO80nrkXF15yFbKCIqy5vfWiKKcZaLZcUQpnSkcMuVaQEdASTEJ; path=/; domain=.tribalfusion.com; expires=Sat, 29-May-2021 01:04:41 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0887c397ea00004aaa5880e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62863b9fdec24aaa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sun, 28 Feb 2021 01:04:40 GMT
content-type
text/html
set-cookie
__cfduid=dbf8ea60b8410665f4fa87ff2c09403da1614474280; expires=Tue, 30-Mar-21 01:04:40 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aunoeUwl6hmbQQw9PCZdmZaWRE7PVa2qdqGyaOP9XW; path=/; domain=.tribalfusion.com; expires=Sat, 29-May-2021 01:04:40 GMT; SameSite=None; Secure; ANON_ID_old=aunoeUwl6hmbQQw9PCZdmZaWRE7PVa2qdqGyaOP9XW; path=/; domain=.tribalfusion.com; expires=Sat, 29-May-2021 01:04:40 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
391
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0887c3973e00004aaa82340000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62863b9ecdff4aaa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 17DC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=T0IOoG53HdDS&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=T0IOoG53HdDS&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=95054:2; KADUSERCOOKIE=721641DE-7FB1-460A-A246-ACD00D1CC621; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1617062400%3A203%7C1615075200%3A2_15_67%7C1615766400%3A35%7C1615680000%3A161_7_81_204_99_21_13_54_5_88_189_165_220_22_166_55_222_56_223_71_3_8_176_78%7C1615334400%3A63; KRTBCOOKIE_57=22776-5243682155294693262; PUBMDCID=3; KRTBCOOKIE_336=5844-6275921595324111578; KRTBCOOKIE_409=22966-diUPaDUP8dth16AJPTyFWY_A&KRTB&23212-diUPaDUP8dth16AJPTyFWY_A; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_107=1471-uid:65ULUwOJ1LgavK5; KRTBCOOKIE_1101=23040-6934114232839501975; KRTBCOOKIE_80=16514-CAESEMmJMKCDKmjIHeJ6MXNR1yg&KRTB&22987-CAESEMmJMKCDKmjIHeJ6MXNR1yg&KRTB&23025-CAESEMmJMKCDKmjIHeJ6MXNR1yg; KRTBCOOKIE_391=22924-7114308468341580987; KRTBCOOKIE_153=19420-3pBtH43DbEbFmW5H25ZzR42WaxjFwmsY3sVRmqmx&KRTB&22979-3pBtH43DbEbFmW5H25ZzR42WaxjFwmsY3sVRmqmx; KRTBCOOKIE_27=16735-uid:b94b603a-ec28-4400-8524-7917fdc7ba53&KRTB&16736-uid:b94b603a-ec28-4400-8524-7917fdc7ba53&KRTB&23019-uid:b94b603a-ec28-4400-8524-7917fdc7ba53&KRTB&23114-uid:b94b603a-ec28-4400-8524-7917fdc7ba53; KRTBCOOKIE_22=14911-3012225441833435978; KRTBCOOKIE_377=6810-e8152811-d939-402c-8c09-fd80ebf98084&KRTB&22918-e8152811-d939-402c-8c09-fd80ebf98084&KRTB&23031-e8152811-d939-402c-8c09-fd80ebf98084; KRTBCOOKIE_699=22727-AACB207AddgAABHP5aES5g; PugT=1614474280; SPugT=1614474281
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server
nginx
Date
Sun, 28 Feb 2021 01:04:41 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 01:04:41 GMT; path=/
X-lat
lhrpug016:0:468
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-75d6d6d469-ttkk7
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=T0IOoG53HdDS&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=ee15dc5b4294b17c; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 08BB
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8aa91b8a-9800-4621-94ce-d3a481d67497-tuct73471a8&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8aa91b8a-9800-4621-94ce-d3a481d67497-tuct73471a8&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8aa91b8a-9800-4621-94ce-d3a481d67497-tuct73471a8&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=8aa91b8a-9800-4621-94ce-d3a481d67497-tuct73471a8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

server
nginx
accept-ranges
bytes
date
Sun, 28 Feb 2021 01:04:40 GMT
via
1.1 varnish
x-served-by
cache-fra19123-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1614474281.910505,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=8aa91b8a-9800-4621-94ce-d3a481d67497-tuct73471a8;Version=1;Path=/;Domain=.taboola.com;Expires=Mon, 28-Feb-2022 01:04:40 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8aa91b8a-9800-4621-94ce-d3a481d67497-tuct73471a8&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sun, 28 Feb 2021 01:04:40 GMT
via
1.1 varnish
x-served-by
cache-fra19123-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1614474281.823902,VS0,VE55
x-vcl-time-ms
55
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame F0EC
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1614474281275; TapAd_DID=efd950b4-7960-11eb-afe8-5a9a02d33f5c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

date
Sun, 28 Feb 2021 01:04:41 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Sun, 28 Feb 2021 01:04:41 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1614474281275;Expires=Thu, 29 Apr 2021 01:04:41 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=efd950b4-7960-11eb-afe8-5a9a02d33f5c;Expires=Thu, 29 Apr 2021 01:04:41 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 3C09
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:65ULUwOJ1LgavK5&gdpr=0&gdpr_consent=
42 B
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:65ULUwOJ1LgavK5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31162958&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=95054:2; KADUSERCOOKIE=721641DE-7FB1-460A-A246-ACD00D1CC621; chkChromeAb67Sec=1; DPSync3=1615680000%3A201_227_226_221; SyncRTB3=1617062400%3A203%7C1615075200%3A2_15_67%7C1615766400%3A35%7C1615680000%3A161_7_81_204_99_21_13_54_5_88_189_165_220_22_166_55_222_56_223_71_3_8_176_78%7C1615334400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_107=1471-uid:65ULUwOJ1LgavK5; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 01:04:40 GMT; path=/ PugT=1614474280; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Mar-2021 01:04:40 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 01:04:40 GMT; path=/
X-lat
Pug23043:0:339
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sun, 28 Feb 2021 01:04:39 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:65ULUwOJ1LgavK5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-05a1c1cf6bbf9fe9a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=65ULUwOJ1LgavK5; Domain=.w55c.net; Expires=Mon, 28-Mar-2022 01:04:40 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Tue, 30-Mar-2021 01:04:40 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C010
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=chZB3n-xRgqiRqzQDRzGIQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=25907
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 28 Feb 2021 08:16:27 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame C010 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=721641DE-7FB1-460A-A246-ACD00D1CC621
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
62863b9ecbdd0eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0887c3973e00000eb3e13f0000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame C010
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=721641DE-7FB1-460A-A246-ACD00D1CC621&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=721641DE-7FB1-460A-A246-ACD00D1CC621&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=721641DE-7FB1-460A-A246-ACD00D1CC621&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
frontend-id
15
location
/pubmatic/1/info2?sType=sync&sExtCookieId=721641DE-7FB1-460A-A246-ACD00D1CC621&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=721641DE-7FB1-460A-A246-ACD00D1CC621&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=721641DE-7FB1-460A-A246-ACD00D1CC621&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=721641DE-7FB1-460A-A246-ACD00D1CC621&addseg=29
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=721641DE-7FB1-460A-A246-ACD00D1CC621&addseg=29
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:41 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Sun, 28 Feb 2021 01:04:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=721641DE-7FB1-460A-A246-ACD00D1CC621&addseg=29
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzIxNjQxREUtN0ZCMS00NjBBLUEyNDYtQUNEMDBEMUNDNjIx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
X-lat
lhrpug011:0:332
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMmJMKCDKmjIHeJ6MXNR1yg&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMmJMKCDKmjIHeJ6MXNR1yg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:39 GMT
X-lat
Pug23032:0:300
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMmJMKCDKmjIHeJ6MXNR1yg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C010 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 27 Feb 2021 01:04:40 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8152811-d939-402c-8c09-fd80ebf98084
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8152811-d939-402c-8c09-fd80ebf98084
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:38 GMT
X-lat
Pug23050:0:224
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8152811-d939-402c-8c09-fd80ebf98084
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7114308468341580987
42 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7114308468341580987
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
X-lat
Pug23044:0:301
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7114308468341580987
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b94b603a-ec28-4400-8524-7917fdc7ba53&gdpr=0&gdpr_consent=
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b94b603a-ec28-4400-8524-7917fdc7ba53&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:39 GMT
X-lat
Pug23040:0:395
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b94b603a-ec28-4400-8524-7917fdc7ba53&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 28 Feb 2021 01:04:39 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5243682155294693262&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5243682155294693262&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
X-lat
lhrpug017:0:504
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.182:80
AN-X-Request-Uuid
ae04dd02-5087-49f0-aefb-c16e788675dc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5243682155294693262&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=721641DE-7FB1-460A-A246-ACD00D1CC621&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=721641DE-7FB1-460A-A246-ACD00D1CC621&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-t6RfpZN1l2JgvSEeUVVrpIh58JwRx58-&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-t6RfpZN1l2JgvSEeUVVrpIh58JwRx58-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Sun, 28 Feb 2021 01:04:41 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-t6RfpZN1l2JgvSEeUVVrpIh58JwRx58-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
721641DE-7FB1-460A-A246-ACD00D1CC621
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C010 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/721641DE-7FB1-460A-A246-ACD00D1CC621?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:04:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=6874fd71-3689-44ce-902e-8c321cc4972f&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c969685-b2a3-4937-a886-1f2efdafc783&gdpr=&gdpr_consent=&gdpr_pd=
1 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c969685-b2a3-4937-a886-1f2efdafc783&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:39 GMT
X-lat
Pug23033:0:351
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c969685-b2a3-4937-a886-1f2efdafc783&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 28 Feb 2021 01:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3012225441833435978&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3012225441833435978&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:40 GMT
X-lat
lhrpug004:0:552
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3012225441833435978&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3pBtH43DbEbFmW5H25ZzR42WaxjFwmsY3sVRmqmx
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3pBtH43DbEbFmW5H25ZzR42WaxjFwmsY3sVRmqmx
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:39 GMT
X-lat
Pug23046:0:271
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3pBtH43DbEbFmW5H25ZzR42WaxjFwmsY3sVRmqmx
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDrsKAAAAD3SRyzr&gdpr=0&gdpr_consent=&_test=YDrsKAAAAD3SRyzr
1 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDrsKAAAAD3SRyzr&gdpr=0&gdpr_consent=&_test=YDrsKAAAAD3SRyzr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:40 GMT
X-lat
Pug23040:0:331
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614474281.989544,VS0,VE0
x-served-by
cache-hhn4034-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDrsKAAAAD3SRyzr&gdpr=0&gdpr_consent=&_test=YDrsKAAAAD3SRyzr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:41 GMT
X-lat
lhrpug002:0:504
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:41 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame C010 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=721641DE-7FB1-460A-A246-ACD00D1CC621&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9ce4fa72-4892-4571-984d-7c89f2d1c6df&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9ce4fa72-4892-4571-984d-7c89f2d1c6df&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:41 GMT
X-lat
Pug23024:0:322
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9ce4fa72-4892-4571-984d-7c89f2d1c6df&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 28 Feb 2021 01:04:41 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5243682155294693262
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5243682155294693262
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:42 GMT
X-lat
Pug23022:0:224
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:42 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80
AN-X-Request-Uuid
6965da82-64e2-4b6c-89ea-7e929bc9ad3b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5243682155294693262
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C010
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1ce9ecce-b9e4-41f1-985b-f90885262b68
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1ce9ecce-b9e4-41f1-985b-f90885262b68
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:04:41 GMT
X-lat
lhrpug005:0:524
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1ce9ecce-b9e4-41f1-985b-f90885262b68
date
Sun, 28 Feb 2021 01:04:40 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
async_usersync
ib.adnxs.com/ Frame 9926 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Feb 2021 01:04:41 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid
82205178-9243-4a60-8aed-d01b922a4c42
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
g
capi.connatix.com/rtb/ Frame A87A 		217 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=104830
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.204.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5550fa09c413111f773eec23650c27fcaf4c931f726ad5c99ed0d7bcdb3fee53

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 28 Feb 2021 01:04:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
189
SPug
simage4.pubmatic.com/AdServer/ Frame C010 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=95054&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Sun, 28 Feb 2021 01:04:42 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sltrib.com&p=%2F&u=BQT0qyTvPubCsD89a&d=sltrib.com&g=65212&g0=home&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=5604&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=3&r=&b=665&t=DEIjK3oNI9EDWPPh9C7yeobBTl7Yb&V=122&tz=-60&_hottopic=&_acct=anon&sn=3&sv=B9TXoQBUtYIhDunynEdKcsnDgadwO&sd=1&im=067b0ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.67.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-67-161.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:04:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2ZlMGM1ZGFhYzI5MTdhOWE3NzE0MTQ1MDM4YjQ4NDU&google_redir=https://id5-sync.com/c/441/398/2/8.gif?puid=Y2ZlMGM1ZGFhYzI5MTdhOWE3NzE0MTQ1MDM4YjQ4NDU&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart function| ttd_dom_ready function| TTDUniversalPixelApi number| BOOMR_configt object| Fusion string| googleAnalytics string| gaTitle object| globalContent object| XML_CHAR_MAP function| escapeXml string| siteName undefined| authors undefined| articletags string| GoogleAnalyticsObject function| ga object| dataLayer string| homepage object| isAdmin string| section object| _sf_async_config string| cbSectionsVal string| authorName undefined| hotTopic number| _sf_startpt object| _cbq number| _sf_endpt undefined| appId function| twq object| react object| React object| ReactDOM object| PropTypes object| scCGSHMRCache object| StyledComponents number| 2f1acc6c3a606b082e5eef5e54414ffb function| setImmediate function| clearImmediate object| regeneratorRuntime string| idOne string| idTwo object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| __xshjryhdhjkuehd object| googletag object| ggeac object| google_js_reporting_queue object| apstag function| postscribe object| google_tag_manager object| _563c6d6c-a9ec-41aa-8ccd-73dcdb17c8eb object| _cbm function| cnxps object| twttr string| env object| pianoPush object| meteredParam boolean| isMetered string| cloudFlare object| tp undefined| tags undefined| firstPublishedDate undefined| isSponsored undefined| sites string| ssaUrl function| fbq function| _fbq function| profitwell function| onYouTubeIframeAPIReady function| BlockAdBlock object| blockAdBlock function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing boolean| apstagLOADED number| pnInitPerformance function| ___tp object| localCookieStorage object| sessionCookieStorage string| __tpVersion string| __tpEnv object| jQuery11240034424323149955915 object| SWG object| cX function| cxCCE_callQueueExecute object| cxTest function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage object| headertag object| Criteo function| headertag_render object| pbjs object| rubicontag number| _swclk_ number| _swsts_ object| PushlySDK function| pushly object| criteo_pubtag object| criteo_pubtag_105 object| Criteo_105 number| BOOMR_onload object| PianoESPConfig object| cXNative object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests object| cnx_usr_storage object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ampInaboxIframes object| ampInaboxPendingMessages object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| __wo_mt_handlers function| __wo_mt_func object| __ozoki_handlers function| __ozoki_call string| saved_tc string| saved_sc string| ________ok object| _21bc8503-7806-41da-b650-37b6eedc566f object| ads_list object| embeds_list boolean| isPageviewSent boolean| insticatorIframeLoaded object| confiant function| cnxAddEventListener

14 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUmsp9gFEFk_4ac5UT0AFQCoD_E8_di2fewZ8UT_FbkCl144kOfvBuJWGSJYpwk
www.sltrib.com/ Name: __pnahc
Value: 0
.sltrib.com/ Name: _ga_DC2TJEE08T
Value: GS1.1.1614474268.1.0.1614474268.0
.sltrib.com/ Name: _gid
Value: GA1.2.1136432078.1614474268
www.sltrib.com/ Name: _cb_ls
Value: 1
www.sltrib.com/ Name: _cb_svref
Value: null
www.sltrib.com/ Name: _chartbeat2
Value: .1614474268288.1614474268288.1.B9TXoQBUtYIhDunynEdKcsnDgadwO.1
www.sltrib.com/ Name: __adblocker
Value: false
.sltrib.com/ Name: _fbp
Value: fb.1.1614474268816.1205924955
www.sltrib.com/ Name: _cb
Value: BQT0qyTvPubCsD89a
.sltrib.com/ Name: _ga
Value: GA1.1.318633835.1614474268
.sltrib.com/ Name: AKA_A2
Value: A
.sltrib.com/ Name: RT
Value: "z=1&dm=sltrib.com&si=bapiemxcprm&ss=klogalum&sl=0&tt=0"
www.sltrib.com/ Name: arc-country
Value: DK

13 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.sltrib.com/
console-api warning (Line 1)
Message:
NO prebid responses1
console-api warning (Line 1)
Message:
NO prebid responses1
console-api log URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 162)
Message:
dom ready!
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 451)
Message:
topFrame: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 212)
Message:
params: [object URLSearchParams]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 331)
Message:
Cookie enabled, set cookie
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 297)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 407)
Message:
Send pageview now
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.sltrib.com/
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.sltrib.com/
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 412)
Message:
formatedPageview: {"timestamp":"2021-02-28T01:04:33.597Z","user_data":{"session_details":{"id":"b174e6ca-5b64-4c82-bdb6-9b8f34dd059d","referrer":"","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}},"embed_context":{"site":{"id":"136953cb-88f9-48b3-9417-8f28d8a3cf54","page_url":"https://www.sltrib.com/","hostname":"www.sltrib.com"},"environment":{"device":"DESKTOP"}},"event_data":{"type":"load","data":{"pageview_type":"AD_ONLY","integration_type":"DFP_WITHOUT_SAFEFRAME","ads":["div-insticator-ad-3"],"embed":[],"header_code_version":"STANDARD-V_4_0_2-2021-02-25 03:00:14","test_group":"0"}}}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

656f699dcc216702495c6e216c511368.safeframe.googlesyndication.com
8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
864925cf4a0280b4565862a61050aad1.safeframe.googlesyndication.com
a.tribalfusion.com
a828656d04a9d8773a73dee54db9d850.safeframe.googlesyndication.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads3.mthsense.com
adservice.google.com
adservice.google.de
adservice.google.dk
aef5dbe965e8814201292128fa45d2a2.safeframe.googlesyndication.com
analytics.twitter.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
as-sec.casalemedia.com
aud.pubmatic.com
b2c.insticator.com
bcp.crwdcntrl.net
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
biddr.brealtime.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.aralego.net
cdn.cxense.com
cdn.districtm.io
cdn.p-n.io
cdn.tinypass.com
cds.connatix.com
clickserv.basis.net
clickserv.sitescout.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.osano.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
cs.emxdgt.com
csi.gstatic.com
d2na2p72vtqyok.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d3oi8laqsvc6ey.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
dis.criteo.com
dmx.districtm.io
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-u.openx.net
eus.rubiconproject.com
event.insticator.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geoip.insticator.com
googleads.g.doubleclick.net
green.erne.co
gu.dyntrk.com
gum.criteo.com
hb.aralego.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.sltrib.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.connatix.com
includemodal.com
includemodal.global.ssl.fastly.net
insight.adsrvr.org
insticator-d.openx.net
js-sec.indexww.com
js.adsrvr.org
local.sltrib.com
lockerdome.com
mab.chartbeat.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
odr.mookie1.com
os4m-d.openx.net
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-a.basis.net
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.technoratimedia.com
protected-by.clarium.io
public.profitwell.com
pubmatic-match.dotomi.com
r.scoota.co
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.go-mpulse.net
s.srvsynd.com
s.tribalfusion.com
scomcluster.cxense.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sltrib-d.openx.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.go.sonobi.com
sync.mathtag.com
t.co
tag.1rx.io
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vid.connatix.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
www.sltrib.com
x.bidswitch.net
x.yieldlift.com
cm.g.doubleclick.net
104.108.50.124
104.111.215.135
104.154.142.214
104.16.68.69
104.17.120.107
104.215.88.166
104.244.42.133
104.244.42.195
107.23.67.161
108.128.151.98
13.224.192.34
13.224.194.170
13.32.24.112
136.144.59.88
143.204.94.161
151.101.113.194
151.101.114.137
151.101.114.49
151.101.13.108
151.101.13.44
151.101.14.137
151.101.194.137
152.199.22.191
159.65.196.12
169.50.137.190
172.217.16.134
172.217.18.102
172.217.18.98
173.231.181.122
178.162.133.149
178.162.133.150
178.250.0.163
178.250.2.131
178.63.12.147
18.159.187.109
18.193.58.245
18.195.155.181
18.196.104.43
18.197.249.149
18.203.96.5
18.211.21.136
18.217.204.33
185.29.132.144
185.33.221.14
185.33.221.52
185.64.189.112
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.107
192.96.200.41
193.0.160.128
193.122.130.38
198.148.27.134
198.148.27.139
199.232.136.157
2.16.186.138
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
213.155.156.183
213.19.147.150
213.19.147.210
216.152.140.212
216.52.2.19
2600:9000:206f:5400:18:1fcd:34e:d2a1
2600:9000:211e:4c00:5:ee0e:9e80:21
2600:9000:211e:9e00:1a:5302:20c0:21
2600:9000:211e:d000:10:3422:3f00:21
2600:9000:2156:4000:3:b7e:8940:93a1
2600:9000:21f3:7e00:d:77c3:2dc0:21
2600:9000:21f3:de00:1c:386f:ec80:21
2606:4700:10::6816:1957
2606:4700:20::681a:567
2606:4700::6811:b7b1
2606:4700::6811:b8b1
2606:4700::6812:d05
2606:4700:e2::ac40:8a06
2607:f8b0:4002:c03::78
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:800::200e
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::2010
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9d
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00:19a::11a6
2a02:26f0:6c00:287::11a6
2a02:26f0:6c00:2bd::268b
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::714
3.122.57.214
3.126.56.137
3.130.148.110
34.120.207.148
34.251.61.210
34.98.107.212
34.98.67.61
35.158.9.168
35.186.253.211
35.201.96.126
35.227.248.159
35.244.159.8
37.157.5.142
51.178.20.139
51.255.68.171
52.200.180.114
52.214.70.9
52.215.241.211
52.45.248.59
52.48.248.240
52.50.99.220
52.59.46.254
52.94.232.32
54.158.142.157
54.36.109.22
54.74.225.211
65.9.58.124
66.155.71.149
66.155.71.189
66.155.71.25
67.202.110.22
69.16.220.201
69.173.144.139
69.173.144.141
77.243.60.138
85.114.159.93
87.98.228.78
00133585616dd1c66765009d81c52a8be08bd517f46f66ea004cc88f414db021
02cd60655fcce9585457a7cd041767aba7c4aeef590805801be7090b5fe3fd5e
03500cc457119275d5cb4d45dc16e92f657a49b304682c231d5855e7a5d1f2e3
043942f120a1e4f91f174010c8ce3328bc112ca51752993de39060269d16828c
053eb72b1ddfef4f5c2e4a8b21b8db54cfe5537c44d68dfbdb0aac2cd1cf498e
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
069f4da518e5b49fe4181fb2da29f9f8fa58560bb51f6de82767596ca3fd5976
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
09365e3612d2c491e2830f5e8fb71f310d99e4ad8ee640a2e1f0bb81830374da
0b29746165a458fb96e404e770dc405e9a01e9ce44cfa160d4f7fe14e0753217
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0eeb9bda2b69b8bc97b98da1f44acdee2356d047a439d00e723373ec5efb6498
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10a50cd95a46904b6c652a970e68143189dbf0cbfb19f535741110cb71b5dc28
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
11c89103ee41575de116f043d724e7db3faa919e044b00f0e115dbfc47908461
11f879a7da56b6826b393da7bee7db99696652874b38c9d7c79300528429efed
130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859
1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d
14cc9990d2d20705c74a9f3da3530bcfe366a90dfb6f8dee22afcc1dd85543b9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
192ba224f09038b86f932f3ee63c37c16d1df6ba66bd3173664d8287772514d0
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
213b9ca5a900159a345f090a85fc24bed8dac9ed54fb205682469fecb53f12d6
221aebf986f371cf684df33b63a5683c956c9b09b1d1ee14bbd553599a4a07ab
225be4786a72f5082833b923c8b2aa2c438f8e1dcf0c825e06dfa13df9052ef3
24bd9d241796208ea33a147077e7d34fcf19da189102bb10bc3585ec7a50c290
2523d5cae257051483c8483f29c034ed536353b9eec22a48e18489864f13ee95
2600a444d02ea44ece37875df257d7551704d0ec84a06d2e0aa83b98fd30075d
274cd63f256ea7cfbf7d69be70bd05751d38ef9919a4dcd6daf8b69e490f364e
281a1c5996dabee532e69c0be0d9bdef31178f9eb492bd9d96a3d69083894889
284dfa2a20ad11b2a585cc187dc6a15b149454a1ce8eb3a48e15064d57beb8c7
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
2cb34ab9523b78db9bc3c7aadef30afa96202dcb8a1103cef9f134c1e3573b0b
2deb82c585f891ba79a0cc6e27caf804cd5308c9fc91f5487549d64f3bb84b89
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6a3c65b0245268beddb979d30c6910f70dc3ae38f6e7d6f489309c736dcff1
2ee82b180bcdba0b77df8173089818aafbe1e55be9a445bd419d9ef40f98f02b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30ebdd6035ba90b80114fd4e27e56abf972f930bf1cc802bbc012fadeee8252a
325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947
32d0592e0bf4f414dd5e18ec614755675b31b224add031e19dc9fc8aa5846254
32d08a761899ea21cb8e5f46fd14e1e3aa3fb05df6d98499600c3831d86f6857
3413c165b4624771f4822d472654336723d85c1b93fce68c56287424ccd8efc1
35ccef75aea1163fb9980ffd7352a6f4001ce5316f1d9548d200862947e9abbc
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d
3878645d4ed652a2a3877042d7952dc72e2ada8296a808f245851547a551f66a
3886d7f39ab72badd9388dfdce2130f50d5ee21f8c8250fe5ca51b3e90e84766
3a4a81f366d8893a0443bb7f93b94177000f070bb2fe0144e04c05633a130620
3bc100c0bd07cc5c6f86a2ce69763fc1cf37b855fd5b395e842c3afb46bf6696
3d57b2aa6f7093b17fd21255c92b47840c790b42e59cfd825be69822cb55cb9a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d8166ea5d3f82de6727e6d84fc32d720f31062c1e8cc6af6a74b3649fd40a3c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573
4177e4185f552510ca9b7e4f407850a662984f6198bdbdcf59d65f70ef537f6e
42047bfa41fbdf0ba78684863737e71345e37dd7a77280b742d89b81a685022a
44045ac1fa2fc865d22c33e508b042544a3ecc24dc2e3403b669d658af173e31
462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
471b921e9d77b6022ec8a813db6cf5ec9f7ccd052cf179a1ef46ac1e1fb99920
47979ef506264db0704b5de93065a3ca44e171e2054648f5f12f66f587a1ed3e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bbcc1ce2487936f5f8224d471cfc0b639d68abca1789fafd9f393f6bebaf76
49277717f8500aea66abf6ea218a3b5803007a92b85871559de84e2c3cc0a26b
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b0b55689f9d15db836c8caf4527e90bfeeb67367c16c8b2e050fdfd92ddb467
4c695461baaf8031bc3f6a183ab748fece150aafb8ebe2afc96b3bf262da1f6c
4c810554d4a1687e526b43a50eac5ed87f9d20cde0d08060f456e7cc6f35d117
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4dc885b2f96d9e6c95f64b2858599bee06f922068fb793d56a7e0e544c2e775c
4dd3a172535ee3aaee582f984784933028bbdefbeea8eda47e25b68de1d3f686
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e29691cbd68d16dccf0cf82f7d292896167afa0cabb945b815a5d06c551e88b
4e379a527913ece5ca9cdad0e68bfcc813516bc492dbcfafaf02a9f79a552271
4e43319b533cee604e2230bcc9d8d080635632bac8334809ec80fc14213607b3
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f820f0ef60feea0b9127f668b9fb37ed82e6f9265859d43a826336cf428f507
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4
50ea306caad273fb96189b9b3515e1711dfc5b3b4620bbac4358398777374616
530c3fbf616958c8b72743289b58268410c9c281f50429cb564ec9329aab8edc
5550fa09c413111f773eec23650c27fcaf4c931f726ad5c99ed0d7bcdb3fee53
573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e
5b69e7fdc06ea24af17e04bd80ad416a1e378674f4824dd858cae7d4f3c59c6a
5b8286703b3aa2e8ed1495e094181485445394bca3f5493566499a90e277adb6
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
5e80aa94bfb5590015e924a81b7bfbaf04093e8d8f56db584204c3886734884f
5e8485b18f27535ecf4871e571d1faa3d06e6381d7fc58e1f51017f3bc2ae2d9
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
619f1b87c38c3a560edf9069cee622b36cedba046019a1fb97aec47ec16e2c20
66514d6a5dea76d892266379828937241e0db80c26582c063d5e639333b270f8
668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c
66e105e2dc73920b9c8cdd39625e9d50c81c21ea1c88f665180433b54d962984
6703628fbfc8c2e4a1e8ee9ddf207913b5f7b4bf898a69bd4d524347345360a5
688e1a13a6ab7e1a00ca53de2288ddc2abcaedb690040b04803cd22ce9334332
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e
6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b850ca93251415c6e5b61c2351ca8a8c8903707c3beac464440966103856573
6bd32ad05682d971a4958e90a62ee2b56726f8637198857301fc12e32e5df05e
6c2e4075c68613d764ea872dc0b5bb479b753aef3a315ac37896ce8fbe65a5ba
6e1b4d56ffa145f77c6f76df3ddcbfb6737f8df766bfccfb2292c7736905cf0a
701002e0f21eed9cccb825bc1c51c7de68fb1086542d1ca5459319036c9228d5
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
71f334dd573c755a9af822714671073885ee4cb66307e8df61d23a5b20bd2ab2
723ba37bf43995b73849ec2b15d7e18131de84f006a15079e288ba8b21adb037
72d3bb48505405120796571830ae74c4f871f03a9052d080cde2190aa926b1ee
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74cd3ed45605474f63118457b06bf7aa574d0db7907c525715cbe7554559ccf3
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
77ced77641d9ae32c1d0461d6dcfef91682d93f703d23c4c8ca927a4bc6621ed
7b0063a5e666b8347a392adc777544f7b5074439eb0969051b29cad6b6f0eb00
7c431365487518b64fc480eb7c1c0e033ff3949165bc2ebb6049c15bfc8ea838
7e9fb52a47bcbcb5cf485273bacdb52700299ba1ebb66ec72c622457259ae892
7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f1c5e3c6cadffb411882e2eec422c52f8352d7b4b1860b12fbf19794372b488
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
809fa319d32d1d63ef512c4c96cb67f49b55d8b81c2b64a346fec1e647a714c1
80bcead65b21332a5c581789ab06bd727d463245380d4dfd8eca39c4fa984e28
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d92dbbb7413c0bf02248fca679d2288f48372b7f2817c91650ae7c4213930e
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8483b277f6cd869c4918e0a34838d069c82bd141e2c8b20ff15b9be56fcc8df0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8561425906e41d692a5e901cff55648c9842d1eb3a293bc7d0d51fce6e589e4d
85a39b2febc8f8dc2a7ee1e3c4e8a23bcbe10f8250614d32efdd4b4d4bd40df8
85fd9a802bbe7f093d8affccc7e3bf87842db69c0581243dbb668b0ce44cc2f8
860e8c9a2c58899552febf857e4d6777e4acf14dc8f26e8c481bbf41eefd3d05
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
869afc986a4593c6bc131bc073c2729780709a09ed85b0fbbbd1c385d3684b6e
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
88150d8853079744a305c68c7f5b7ef0609f4dc7fe3a5a2e38edf0cd21402a74
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8bdff3474a2489fdebb5d89b7d8306de879cccf19c19c035f3e0874058a9247c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7060fcc6afaa7e61865286036d7ffa06c6cce121a4f9c3e90132bf9882d9f3
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8f37f7a6e8844b8e059ff5d8525c22db03649fcba4db679f0122a9044b29a9b5
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8ffa9a8bd3717973966ac0774261c9bf71b1332f89080bb13e37779146a384ab
9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82
90ae3651658e76f0f2ea5e3d63df4db6f3704b96a514cc2375876fe80caa2ab7
9109b5c121842a9b8ab69a6133097f8826e9971be37ed5b8877f4cfcd7f1c1f8
922ec9881ffcd5035a7e8a021189d77ef51035ca1d1baae15cf949da07e03c6a
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01
93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
94cdb64a6df3ecad884b92b10669fc2fe9b6c80fb813ef2a4fe7d1db152d5691
9513a9cd2eb5f6102c6b069b0d3d943e810fd741720b9830f5e1478c3d7a66e8
954ac0c8ea35174ba8f69f5525ca745bfb372cd9805b1bdff64b9c3a4fa7d924
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
95f45d5fbad334a4d4243435666e154aa2d7e2fb5a223ab7d60c01157d7946b5
981060307e32f940e64e08f7afb4a3b681dfac27ab79a48afb75153bdec126b3
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
990e7e8254ab06900bf50d1c394504d354dda7e36e1566624ab1b7f47f6657e2
994de2e1426766358894752d3c206e9ef6d57ef4d71611c4cb39052d1d673e56
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aaa8dea0c9ad051e733888b930fc61572b8084ac7a6893ca22f6b5e4d2691eb
9b18e7bfca8064c887385c5cf57bdbcb6f7d263d0fb9cb320d94bc1f82a62a7c
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9e9ffd05aab299e4953a38fbac1b09dfdf5cf4c138aa72175e7ca879bd57c5ee
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1419499ded1c624e28100c68d2749057dcf47f4ba37e24567d657e491c1e97f
a1538e3b9cb885329d7ec37ef73e34053f4b55174a738028bd62a83e25d48c9d
a1e4625827f907bd6141e9b50896bbf5732578cda07f24b4b249499c53f4a3d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6af924b608288bebdda417d82bd8e069cc6623ec6351bbf31aa95b55265166b
a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df
a8a68fbbef0caeca0ae2921f75089978bcd7505014fd22b91abdcc22fb4a6737
a8ab7056fb99d8517ec46d80cc0bf1249b190fe1dc12213c9554892e7c7cdb07
aab755a7ebc3c306f844d515294db41a8dd3fb0eda932379fe8d055d5676d4a3
ab1905366a3a27a4bfbc6565fd896c4ada47c42ac1b1f63c5f8b5d4c277f25ef
abf570aeae62b7ce75f12a8db69d6afeea7d2fc617f266ba6c7ca59390c664c5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ada7ba5e01552a7732edca496b01c3f0a7466f897fe7682aa8a6faeeb6726d33
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af031efce3b2dbfae2095475699daaacb3a9d03f35fda811184bfff5d4d1b0e0
b04d4c1512ceb8c06f4cf1dee35aee38f7fcf951be9578fc4553144ee5822169
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cad0af4498c32563fb5add713d7acf47de0bed1ee8b0086e130a8e1df76717
b1d7910eccbd2bda5ba0548cd599a34cec653c417eac8ccd75419846bcd0c53a
b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a
b3b99beb98a945af8bcf64599f394cc282883de0d329ba80081bf210c51c1c8c
b59201977d3c2c83abccaab9aa678474e96ad70d00fa98b3906b39f9f5161065
b5b7a95a9dfcdaf606e01cf3f9e0fc100cf051907967e1f6656bf3a1c4abec45
b645a85638664c911c407b6199a38b20c34eadda072ab64c5b849c2abb030a76
bb32ac1bd9c989297c96b396deef0f68ec7bdd92c2e1e7aa2482ac44380e8317
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d
be3c0d52d30fb7fa6c1f6b6225369be8d0bec4864e9593f8532665d2b6593066
bebe6cc4512ef55a8e50b84e193aeb36a5a97559cfe5260c3c7b443c48173941
bee0fcc6742e29949e7162d5b326af9033732c4df6370add656fe0ad5c2014e5
beeb0f9ff6482c80990cfc609655603b7287c25a54e4c4493e0acd00c1322dc6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b83ca50ea08106178668a97715a7fb9d048ff4b5c9131c2b2bfcaa17aad14d
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c407107d271dfd94219b8ea429d2d412483b44e61d71bfdc4208b4512fada891
c568aa6ebfcf9cc9d424652cc7427424bb0cc67bc24c97bb56c9bfe106bf8fc2
c5db7c87a0421340bc7fed02fd0d08e7685f34bfe4c33b8c9ca62ae55245cfcf
c6a6a422ca749be86f5d83b8d2e38646adc1c8164f58f2d06a0ec82fa6a874ad
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c88ffd63d5591212cfb5134a6811b560f583f29e515fe8b9570d7ede003c3136
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
ca066ac2cfdf17c1c21a9bc6d204e5d7c278d93985bc1d7344d00d8162624869
ca075c6340920a23f07db7de72920963f7aa79b83aabefced724bed4a700fd0c
ccd05b80129cc99482b3a47baf41579c85614691b7aec7f3211fc08fe2b09939
cddddc3adec56b52844a165736305b1193d35ad0e2e4f541f93ced6bc61dc4cc
ce0da7e2caf1690a740ce621a80b23239b2563da6c0e4a67cd23680152cdf7c8
ce1aa6dd3503fef8412c1635862b6e6c8f9e30e0782d1a9d9f4532af2d61a987
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b
d1fd01d21ed57fcc32e18246d627822f46a7dd9767735a80005f940467651613
d22b381f174b4e7d3e6424e173f02b9cfc368f2f06e4925dca5743b362ba30e2
d3748bc8fc2eaed9990d160616abd07658f9176839e2e8a5d48266b93dc5e7e4
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
d5a85d731ebd57ab35aa30ebeddc68c59c5d6e5f77b75deb4943100f8dcb8968
d7ab0f1e31217960c7bcf0bdb822374271344c75aab4da7825505571e7e9035e
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dcde873c58ccfc91a09ca377c451cfc62a0e9625a9310d620cd8dc4b6a37b7f7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e613db67519244b5e367d13ccc585c432e8ca6c14af5998438e50f3d4ea1cda3
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e7cb0567c7f8816067f80508b906ccdad89e9e76e05573464926eec5a5276d84
e7ddda0b1a65bff2e149ce6fdfd817fea14533264ec63fef859a9749da0bf917
e8547a61952e7e1a3f4deb3fe1c2f27f9f83f12fccfb55d00bf8e96803563e63
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e8d861ecd321ebd859d445c1410148fb1e729f3ed3f592c9ef5efa32c100e640
ea9d44babfa4a2cd0031f081fd9381751bee0f7d044ae9254d2b1ce71fa32605
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6ef3ca242df0770d74e3e8e8a048f43099db623fab406b35e007bd1552d698
f292f34c547d0d49e91717572a8ad86fb80eb9c8a17eed0dbc808ec4badd5eb8
f2dbaf8d6327f0b8d21b24353616b8c0bc7115354221b8fc928c444ff04bb238
f2e2f67851f4764753ebe2da932d6ab75050c35a45f03f8924f8df756f70a48d
f44b31bfc8dd2110d060f10ede8c0b22c5739ce85151d029bbb3ad391a0ab845
f51f7a8ead0bb0920672b9f530d2ac461b04de9f3840f4ca9d590ea47106fff2
f5ca1eef91f76fe51e9fc48125a6db15af66605176f45a807711fc110fc0e77f
f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787
fafa8d429406447fef33c160c3216c4822e2f7fa1ee2998bb863335ce8f460f0
fb43d05191a103e395189b8a17420610602731d42cfad1a610e632e4052c30aa
fc9cbd43ed896656fa387f6ebd235e2cbc896f05a42c53d438340609b18423ae
fd14a16b73082a165a1d3b55eba44a64c1c968adedf3305c309c49efaf0ff8b7
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e