urlscan.io logo urlscan.io
SecurityTrails logo

www.sltrib.com Open in urlscan Pro
2.16.186.243  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Submission: On October 18 via api from QA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 99 IPs in 12 countries across 75 domains to perform 291 HTTP transactions. The main IP is 2.16.186.243, located in Ascension Island and belongs to AKAMAI-ASN1, NL. The main domain is www.sltrib.com.
TLS certificate: Issued by R3 on August 24th 2021. Valid for: 3 months.
This is the only time www.sltrib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 2.16.186.243 20940 (AKAMAI-ASN1)
2 35.244.156.29 15169 (GOOGLE)
1 13.225.85.149 16509 (AMAZON-02)
6 2.18.234.190 16625 (AKAMAI-AS)
1 16 142.250.185.98 15169 (GOOGLE)
2 13.224.190.164 16509 (AMAZON-02)
1 13.225.87.88 16509 (AMAZON-02)
2 13.225.84.151 16509 (AMAZON-02)
3 104.26.13.86 13335 (CLOUDFLAR...)
2 104.111.214.229 16625 (AKAMAI-AS)
4 142.250.184.206 15169 (GOOGLE)
2 142.250.185.104 15169 (GOOGLE)
2 5 142.250.184.198 15169 (GOOGLE)
1 151.101.12.157 54113 (FASTLY)
1 92.122.252.200 16625 (AKAMAI-AS)
1 151.101.130.202 54113 (FASTLY)
2 6 151.101.194.137 54113 (FASTLY)
11 13.224.186.4 16509 (AMAZON-02)
1 104.21.60.63 13335 (CLOUDFLAR...)
4 104.17.185.177 13335 (CLOUDFLAR...)
1 13.224.193.58 16509 (AMAZON-02)
3 54.86.215.174 14618 (AMAZON-AES)
1 104.244.42.67 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
2 13 2.18.234.21 16625 (AKAMAI-AS)
8 13 66.155.71.150 13768 (COGECO-PEER1)
2 157.240.20.19 32934 (FACEBOOK)
2 13.225.87.46 16509 (AMAZON-02)
1 1 216.152.140.211 13768 (COGECO-PEER1)
1 66.155.71.189 13768 (COGECO-PEER1)
4 142.250.181.226 15169 (GOOGLE)
2 35.172.245.152 14618 (AMAZON-AES)
5 64.202.112.63 22075 (AS-OUTBRAIN)
2 151.101.114.132 54113 (FASTLY)
1 178.250.2.130 44788 (ASN-CRITE...)
2 34.120.133.55 15169 (GOOGLE)
1 4 76.223.111.131 16509 (AMAZON-02)
1 1 142.250.186.162 15169 (GOOGLE)
2 4 34.248.156.174 16509 (AMAZON-02)
2 4 35.227.248.159 15169 (GOOGLE)
2 18.198.126.47 16509 (AMAZON-02)
2 104.111.242.245 16625 (AKAMAI-AS)
3 5 34.253.109.165 16509 (AMAZON-02)
4 84.53.164.84 34164 (AKAMAI-LON)
1 104.16.42.65 13335 (CLOUDFLAR...)
2 157.240.20.35 32934 (FACEBOOK)
2 35.244.174.68 15169 (GOOGLE)
1 52.211.234.106 16509 (AMAZON-02)
1 104.111.215.191 16625 (AKAMAI-AS)
1 2 185.94.180.125 35220 (SPOTX-AMS)
6 185.64.190.80 62713 (AS-PUBMATIC)
2 142.250.185.194 15169 (GOOGLE)
2 142.250.185.193 15169 (GOOGLE)
3 23.37.38.181 16625 (AKAMAI-AS)
2 198.148.27.134 19189 (PULSEPOINT)
2 13 34.98.64.218 15169 (GOOGLE)
4 178.250.0.165 44788 (ASN-CRITE...)
3 213.19.162.51 3356 (LEVEL3)
2 6 185.33.221.13 29990 (ASN-APPNEX)
1 108.177.15.155 15169 (GOOGLE)
4 142.250.186.68 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
3 13.224.193.66 16509 (AMAZON-02)
3 142.250.185.130 15169 (GOOGLE)
1 104.21.53.45 13335 (CLOUDFLAR...)
3 2.18.233.180 16625 (AKAMAI-AS)
2 151.101.65.194 54113 (FASTLY)
2 178.250.2.146 44788 (ASN-CRITE...)
1 3.129.116.66 16509 (AMAZON-02)
1 216.52.2.39 30282 (AS-INAPCD...)
3 51.89.9.252 16276 (OVH)
1 178.162.133.150 60781 (LEASEWEB-...)
1 185.64.189.112 62713 (AS-PUBMATIC)
8 104.17.186.177 13335 (CLOUDFLAR...)
6 142.250.185.129 15169 (GOOGLE)
1 104.17.183.177 13335 (CLOUDFLAR...)
10 142.250.185.162 15169 (GOOGLE)
1 54.36.109.156 16276 (OVH)
1 151.101.65.108 54113 (FASTLY)
2 23.37.42.132 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 2 159.253.128.183 36351 (SOFTLAYER)
1 2 3.121.240.184 16509 (AMAZON-02)
1 2 89.207.16.137 41041 (VCLK-EU-SE)
1 35.157.241.112 16509 (AMAZON-02)
3 3 151.101.194.49 54113 (FASTLY)
2 2 188.165.137.78 16276 (OVH)
3 3 51.210.112.63 16276 (OVH)
2 2 50.116.194.21 6336 (TURN-US-ASN)
1 2 35.227.252.103 15169 (GOOGLE)
8 10 142.250.74.194 15169 (GOOGLE)
1 3 52.49.15.229 16509 (AMAZON-02)
3 4 37.157.4.41 198622 (ADFORM)
2 2 213.155.156.181 1299 (TWELVE99 ...)
1 178.250.2.151 44788 (ASN-CRITE...)
3 3 185.29.134.248 30419 (MEDIAMATH...)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 2 172.67.13.182 13335 (CLOUDFLAR...)
3 185.64.189.110 62713 (AS-PUBMATIC)
1 1 91.228.74.189 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
1 2 209.54.178.82 16509 (AMAZON-02)
1 1 54.236.185.42 14618 (AMAZON-AES)
1 3.222.216.135 14618 (AMAZON-AES)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 87.248.118.23 203220 (YAHOO-DEB)
4 69.173.144.138 26667 (RUBICONPR...)
1 69.16.220.201 ()
1 185.64.190.81 ()
2 52.57.44.75 ()
291 99
31    2.16.186.243 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-243.deploy.static.akamaitechnologies.com
www.sltrib.com
2    35.244.156.29 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 29.156.244.35.bc.googleusercontent.com
sltrib.coral.coralproject.net
1    13.225.85.149 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-149.fra2.r.cloudfront.net
js.adsrvr.org
6    2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
16    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
2    13.224.190.164 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-190-164.fra2.r.cloudfront.net
static.chartbeat.com
1    13.225.87.88 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-88.fra2.r.cloudfront.net
cmp.osano.com
2    13.225.84.151 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-151.fra2.r.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
3    104.26.13.86 (United States)

ASN13335 (CLOUDFLARENET, US)
www.queryly.com
2    104.111.214.229 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-229.deploy.static.akamaitechnologies.com
s.go-mpulse.net
c.go-mpulse.net
4    142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
www.google-analytics.com
2    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
5    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    92.122.252.200 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-252-200.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
1    151.101.130.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
6    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
11    13.224.186.4 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-4.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    104.21.60.63 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
4    104.17.185.177 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
1    13.224.193.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-58.fra2.r.cloudfront.net
ob.cheqzone.com
3    54.86.215.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-215-174.compute-1.amazonaws.com
ping.chartbeat.net
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
13    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
13    66.155.71.150 (Southampton, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-a.basis.net
pixel.sitescout.com
pixel-sync.sitescout.com
2    157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
2    13.225.87.46 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-46.fra2.r.cloudfront.net
cdn.p-n.io
1    216.152.140.211 (Canada)

ASN13768 (COGECO-PEER1, CA)
clickserv.basis.net
1    66.155.71.189 (Southampton, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
clickserv.sitescout.com
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
adservice.google.com
2    35.172.245.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-245-152.compute-1.amazonaws.com
obs.cheqzone.com
5    64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
2    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
1    178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    34.120.133.55 (United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
4    76.223.111.131 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
adservice.google.de
4    34.248.156.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-156-174.eu-west-1.compute.amazonaws.com
dpm.demdex.net
4    35.227.248.159 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    18.198.126.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadm.exelator.com
2    104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
5    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
4    84.53.164.84 (Ascension Island)

ASN34164 (AKAMAI-LON, NL)
PTR: a84-53-164-84.deploy.static.akamaitechnologies.com
cdn.cxense.com
1    104.16.42.65 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
2    157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
2    35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    52.211.234.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-234-106.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    104.111.215.191 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    185.94.180.125 (Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
6    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
adservice.google.de
2    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
a74de3f5d59e5a5da1f465ef915dc544.safeframe.googlesyndication.com
8571fced92ea4a4ae707e3d42ab4d201.safeframe.googlesyndication.com
3    23.37.38.181 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    198.148.27.134 (New York, United States)

ASN19189 (PULSEPOINT, US)
bid.contextweb.com
13    34.98.64.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
sltrib-d.openx.net
eu-u.openx.net
os4m-d.openx.net
us-u.openx.net
4    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
3    213.19.162.51 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
6    185.33.221.13 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net
stats.g.doubleclick.net
4    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.google.de
3    13.224.193.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-66.fra2.r.cloudfront.net
cdn1.opstag.com
3    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googletagservices.com
1    104.21.53.45 (United States)

ASN13335 (CLOUDFLARENET, US)
api.devconops.com
3    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    151.101.65.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    3.129.116.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-116-66.us-east-2.compute.amazonaws.com
includemodal.com
1    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
3    51.89.9.252 (Germany)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    104.17.186.177 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
6    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
tpc.googlesyndication.com
1    104.17.183.177 (United States)

ASN13335 (CLOUDFLARENET, US)
id.sltrib.com
10    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pagead2.googlesyndication.com
1    54.36.109.156 (Germany)

ASN16276 (OVH, FR)
PTR: p07.id5-sync.com
id5-sync.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.37.42.132 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    3.121.240.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-240-184.eu-central-1.compute.amazonaws.com
j.mrpdata.net
2    89.207.16.137 (Sweden)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-usadmm.dotomi.com
openx2-match.dotomi.com
casale-match.dotomi.com
1    35.157.241.112 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-241-112.eu-central-1.compute.amazonaws.com
match.justpremium.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    188.165.137.78 (Finland)

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu
green.erne.co
3    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh
pixel.onaudience.com
2    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
2    35.227.252.103 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
10    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
3    52.49.15.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-15-229.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
4    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.181 (Ascension Island)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    172.67.13.182 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    91.228.74.189 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    209.54.178.82 (Osaka, Japan)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.236.185.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-185-42.compute-1.amazonaws.com
sync.extend.tv
1    3.222.216.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-216-135.compute-1.amazonaws.com
rtb.adentifi.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    87.248.118.23 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e2.ycpi.vip.deb.yahoo.com
ads.yahoo.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    69.16.220.201 (None, )

ASN- ()
local.sltrib.com
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
2    52.57.44.75 (None, )

ASN- ()
k.p-n.io
Apex Domain
Subdomains		 Transfer
33 sltrib.com
www.sltrib.com
id.sltrib.com
local.sltrib.com
922 KB
32 doubleclick.net
securepubads.g.doubleclick.net
8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
stats.g.doubleclick.net
pubads.g.doubleclick.net
cm.g.doubleclick.net
333 KB
18 googlesyndication.com
a74de3f5d59e5a5da1f465ef915dc544.safeframe.googlesyndication.com
8571fced92ea4a4ae707e3d42ab4d201.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
91 KB
17 pubmatic.com
image2.pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
80 KB
15 openx.net
sltrib-d.openx.net
eu-u.openx.net
os4m-d.openx.net
us-u.openx.net
rtb.openx.net
4 KB
13 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
16 KB
13 casalemedia.com
htlb.casalemedia.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
10 KB
13 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
44 KB
12 tinypass.com
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
321 KB
11 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
odb.outbrain.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
119 KB
9 sitescout.com
pixel.sitescout.com
clickserv.sitescout.com
pixel-sync.sitescout.com
8 KB
8 google.com
adservice.google.com
www.google.com
3 KB
7 adnxs.com
ib.adnxs.com
acdn.adnxs.com
22 KB
7 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
2 KB
6 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
5 KB
6 basis.net
pixel-a.basis.net
clickserv.basis.net
401 B
6 connatix.com
cd.connatix.com
cds.connatix.com
482 KB
5 crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
2 KB
5 adsrvr.org
js.adsrvr.org
match.adsrvr.org
4 KB
4 adform.net
c1.adform.net
2 KB
4 cxense.com
cdn.cxense.com
p1cluster.cxense.com Failed
62 KB
4 tapad.com
pixel.tapad.com
2 KB
4 demdex.net
dpm.demdex.net
3 KB
4 google.de
adservice.google.de
www.google.de
2 KB
4 rlcdn.com
api.rlcdn.com
idsync.rlcdn.com
id.rlcdn.com
503 B
4 p-n.io
cdn.p-n.io
k.p-n.io
59 KB
4 google-analytics.com
www.google-analytics.com
39 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 everesttech.net
sync-tm.everesttech.net
723 B
3 onetag-sys.com
onetag-sys.com
1 KB
3 googletagservices.com
www.googletagservices.com
102 KB
3 opstag.com
cdn1.opstag.com
106 KB
3 indexww.com
js-sec.indexww.com
46 KB
3 chartbeat.net
ping.chartbeat.net
601 B
3 cheqzone.com
ob.cheqzone.com
obs.cheqzone.com
21 KB
3 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
1 KB
3 queryly.com
www.queryly.com
15 KB
3 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
24 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
896 B
2 de17a.com
d5p.de17a.com
637 B
2 turn.com
ad.turn.com
866 B
2 erne.co
green.erne.co
573 B
2 dotomi.com
openx2-match.dotomi.com
casale-match.dotomi.com
290 B
2 mrpdata.net
j.mrpdata.net
547 B
2 simpli.fi
um.simpli.fi
1020 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net
73 KB
2 contextweb.com
bid.contextweb.com
847 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 facebook.com
www.facebook.com
331 B
2 teads.tv
sync.teads.tv
344 B
2 exelator.com
loadm.exelator.com
648 B
2 facebook.net
connect.facebook.net
170 KB
2 googletagmanager.com
www.googletagmanager.com
99 KB
2 go-mpulse.net
s.go-mpulse.net
c.go-mpulse.net
51 KB
2 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
213 KB
2 coralproject.net
sltrib.coral.coralproject.net
19 KB
1 adentifi.com
rtb.adentifi.com
88 B
1 extend.tv
sync.extend.tv
546 B
1 quantserve.com
pixel.quantserve.com
542 B
1 justpremium.com
match.justpremium.com
323 B
1 id5-sync.com
id5-sync.com
532 B
1 sonobi.com
apex.go.sonobi.com
733 B
1 lijit.com
ap.lijit.com
646 B
1 includemodal.com
includemodal.com
162 B
1 devconops.com
api.devconops.com
639 B
1 bluekai.com
tags.bluekai.com
304 B
1 krxd.net
beacon.krxd.net
338 B
1 piano.io
c2.piano.io
5 KB
1 criteo.net
static.criteo.net
39 KB
1 t.co
t.co
453 B
1 twitter.com
analytics.twitter.com
659 B
1 npttech.com
www.npttech.com
3 KB
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 osano.com
cmp.osano.com
99 KB
291 75
Domain Requested by
31 www.sltrib.com www.sltrib.com
14 securepubads.g.doubleclick.net www.sltrib.com
securepubads.g.doubleclick.net
www.googletagservices.com
11 c.amazon-adsystem.com www.sltrib.com
c.amazon-adsystem.com
10 cm.g.doubleclick.net 8 redirects
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
9 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
7 pixel.sitescout.com 2 redirects www.sltrib.com
8234312.fls.doubleclick.net
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 ib.adnxs.com 2 redirects js-sec.indexww.com
cdn1.opstag.com
acdn.adnxs.com
6 image2.pubmatic.com 8234312.fls.doubleclick.net
ads.pubmatic.com
5 us-u.openx.net eu-u.openx.net
5 pixel-a.basis.net 5 redirects
5 widgets.outbrain.com www.sltrib.com
widgets.outbrain.com
4 pixel.rubiconproject.com
4 token.rubiconproject.com 4 redirects
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 www.google.com www.sltrib.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 bidder.criteo.com static.criteo.net
4 sltrib-d.openx.net 2 redirects www.sltrib.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 bcp.crwdcntrl.net 2 redirects www.sltrib.com
4 pixel.tapad.com 2 redirects www.sltrib.com
4 dpm.demdex.net 2 redirects www.sltrib.com
4 match.adsrvr.org 1 redirects js-sec.indexww.com
ads.pubmatic.com
ssum-sec.casalemedia.com
4 adservice.google.com 8234312.fls.doubleclick.net
8208269.fls.doubleclick.net
securepubads.g.doubleclick.net
4 cds.connatix.com www.sltrib.com
cd.connatix.com
4 www.google-analytics.com www.sltrib.com
www.googletagmanager.com
www.google-analytics.com
3 simage2.pubmatic.com ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 pr-bh.ybp.yahoo.com 1 redirects eu-u.openx.net
ads.pubmatic.com
3 pixel.onaudience.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 onetag-sys.com cdn1.opstag.com
3 ads.pubmatic.com www.sltrib.com
cdn1.opstag.com
ads.pubmatic.com
3 www.googletagservices.com securepubads.g.doubleclick.net
www.sltrib.com
3 cdn1.opstag.com securepubads.g.doubleclick.net
cdn1.opstag.com
3 eu-u.openx.net js-sec.indexww.com
cdn1.opstag.com
3 fastlane.rubiconproject.com js-sec.indexww.com
cdn1.opstag.com
3 htlb.casalemedia.com js-sec.indexww.com
cdn1.opstag.com
3 mcdp-nydc1.outbrain.com widgets.outbrain.com
3 adservice.google.de 1 redirects securepubads.g.doubleclick.net
3 js-sec.indexww.com www.googletagmanager.com
cdn1.opstag.com
ssum-sec.casalemedia.com
3 ping.chartbeat.net www.sltrib.com
3 8234312.fls.doubleclick.net 1 redirects www.sltrib.com
adservice.google.com
3 www.queryly.com www.sltrib.com
2 k.p-n.io cdn.p-n.io
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ups.analytics.yahoo.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 rtb.openx.net 1 redirects eu-u.openx.net
2 ad.turn.com 2 redirects
2 green.erne.co 2 redirects
2 j.mrpdata.net 1 redirects eu-u.openx.net
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 eus.rubiconproject.com cdn1.opstag.com
eus.rubiconproject.com
2 gum.criteo.com ads.pubmatic.com
2 pubads.g.doubleclick.net 1 redirects www.sltrib.com
2 confiant-integrations.global.ssl.fastly.net cdn1.opstag.com
confiant-integrations.global.ssl.fastly.net
2 as-sec.casalemedia.com js-sec.indexww.com
2 bid.contextweb.com js-sec.indexww.com
2 sync.search.spotxchange.com 1 redirects www.sltrib.com
2 www.facebook.com www.sltrib.com
2 sync.teads.tv www.sltrib.com
pixel.sitescout.com
2 loadm.exelator.com www.sltrib.com
pixel.sitescout.com
2 api.rlcdn.com js-sec.indexww.com
ads.pubmatic.com
2 log.outbrainimg.com widgets.outbrain.com
2 obs.cheqzone.com ob.cheqzone.com
www.sltrib.com
2 cdn.p-n.io www.googletagmanager.com
cdn.p-n.io
2 connect.facebook.net www.sltrib.com
connect.facebook.net
2 cd.connatix.com 2 redirects
2 8208269.fls.doubleclick.net 1 redirects www.sltrib.com
2 www.googletagmanager.com www.sltrib.com
www.googletagmanager.com
2 d3plfjw9uod7ab.cloudfront.net www.sltrib.com
securepubads.g.doubleclick.net
2 static.chartbeat.com www.sltrib.com
2 sltrib.coral.coralproject.net www.sltrib.com
1 simage4.pubmatic.com ads.pubmatic.com
1 local.sltrib.com buy.tinypass.com
1 api-v3.tinypass.com cdn.tinypass.com
1 id.rlcdn.com
1 ads.yahoo.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 sync.extend.tv 1 redirects
1 pixel.quantserve.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.crwdcntrl.net 1 redirects
1 match.justpremium.com eu-u.openx.net
1 pixel-sync.sitescout.com 1 redirects
1 openx2-match.dotomi.com eu-u.openx.net
1 image6.pubmatic.com ads.pubmatic.com
1 acdn.adnxs.com cdn1.opstag.com
1 id5-sync.com ads.pubmatic.com
1 id.sltrib.com cdn.tinypass.com
1 8571fced92ea4a4ae707e3d42ab4d201.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 hbopenbid.pubmatic.com cdn1.opstag.com
1 apex.go.sonobi.com cdn1.opstag.com
1 ap.lijit.com cdn1.opstag.com
1 os4m-d.openx.net cdn1.opstag.com
1 includemodal.com d3plfjw9uod7ab.cloudfront.net
1 api.devconops.com www.sltrib.com
1 www.google.de www.sltrib.com
1 stats.g.doubleclick.net www.google-analytics.com
1 a74de3f5d59e5a5da1f465ef915dc544.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tags.bluekai.com 8234312.fls.doubleclick.net
1 beacon.krxd.net 8234312.fls.doubleclick.net
1 idsync.rlcdn.com 8234312.fls.doubleclick.net
1 mv.outbrain.com widgets.outbrain.com
1 c2.piano.io cdn.tinypass.com
1 cdn.tinypass.com experience.tinypass.com
1 static.criteo.net js-sec.indexww.com
1 odb.outbrain.com widgets.outbrain.com
1 c.go-mpulse.net s.go-mpulse.net
1 clickserv.sitescout.com www.sltrib.com
1 clickserv.basis.net 1 redirects
1 t.co www.sltrib.com
1 analytics.twitter.com static.ads-twitter.com
1 ob.cheqzone.com widgets.outbrain.com
1 experience.tinypass.com www.sltrib.com
1 www.npttech.com www.sltrib.com
1 mab.chartbeat.com static.chartbeat.com
1 widget-pixels.outbrain.com www.sltrib.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 static.ads-twitter.com www.sltrib.com
1 s.go-mpulse.net www.sltrib.com
1 cmp.osano.com www.sltrib.com
1 js.adsrvr.org www.sltrib.com
0 p1cluster.cxense.com Failed cdn.cxense.com
291 133

This site contains no links.

Subject Issuer Validity Valid
star.arcpublishing.com
R3		 2021-08-24 -
2021-11-22		 3 months crt.sh
sltrib.coral.coralproject.net
GTS CA 1D4		 2021-08-28 -
2021-11-26		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
cmp.osano.com
Amazon		 2021-09-17 -
2022-10-16		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-05-08 -
2022-05-07		 a year crt.sh
akstat.io
DigiCert SHA2 Secure Server CA		 2021-06-08 -
2022-06-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-19 -
2022-09-18		 a year crt.sh
*.cheqzone.com
Amazon		 2021-02-21 -
2022-03-22		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-29 -
2021-10-27		 3 months crt.sh
pushlycdn.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
obs.cheqzone.com
R3		 2021-10-06 -
2022-01-04		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA		 2021-05-21 -
2022-05-26		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.opstag.com
Amazon		 2020-11-29 -
2021-12-28		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
includemodal.com
Amazon		 2021-10-16 -
2022-11-13		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
onetag-sys.com
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
id.sltrib.com
Cloudflare Inc ECC CA-3		 2021-08-30 -
2022-08-29		 a year crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.mrpdata.net
Amazon		 2020-12-04 -
2022-01-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
local.sltrib.com
cPanel, Inc. Certification Authority		 2021-09-27 -
2021-12-26		 3 months crt.sh
*.p-n.io
Amazon		 2021-01-26 -
2022-02-23		 a year crt.sh

This page contains 33 frames:

Primary Page: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Frame ID: D065C6F42D3AEEB82CAE351D542E466B
Requests: 153 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Frame ID: D44DADBDCDE23E5C8C03132B821838A3
Requests: 2 HTTP requests in this frame

Frame: https://8208269.fls.doubleclick.net/activityi;dc_pre=CKKO0Y3H1PMCFcbHUQodNV0P-w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999
Frame ID: E56399E4BD2E94CD29F7D710778327CB
Requests: 2 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/activityi;dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999
Frame ID: 27A327A8AB9C8A67CA843894844EE56F
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/133566/connatix.player.dc.js
Frame ID: 8ACCCE8BB31271091E6380F914A0B763
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/133566/connatix.playspace.dc.js
Frame ID: 0127A015205A7AD395476809B25E7263
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: E8870C7524FE0672C2F7FC30EB123033
Requests: 6 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: AC854BF57A323A5CACF642EDB7BC58F4
Requests: 6 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Frame ID: DC1F98078FCF304D6F1871BBE4516CB3
Requests: 1 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Frame ID: 374D1C85BB4ECB175980C7A24ABE0320
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 03A5A3202069942A844D925C3A82A043
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F886C46CF5851E25DE735547380391AD
Requests: 1 HTTP requests in this frame

Frame: https://a74de3f5d59e5a5da1f465ef915dc544.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3C90DD9E59DF4AE220F7A980906E36A1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: BE8CDE885411EC240B7D130B640D9AF2
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=0
Frame ID: B7BD84C34B5A53B046F8B4D02948A6BD
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=0
Frame ID: 66EC4223276D5DAD57F8BABDAA1F2032
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.opstag.com/14129/prebid.js
Frame ID: BADC52FDBAEF0E7AA40593E7CBDB0B1B
Requests: 34 HTTP requests in this frame

Frame: https://8571fced92ea4a4ae707e3d42ab4d201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5A828730D00C9B9C3F76808CD338DF7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7B027621782583035D946F2B6F7498EF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4D054A75BA80FF0D280075ED8D9E39F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E653E674BAF6BF84C95A4A564E0A15C8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A29DA75E2B9182904B3C613FA7E1896F
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 693841EF40C35C39AD6BBDCDCEB7317D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F72A63B8F5E3E8112FF0E60707B6BC0B
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Frame ID: 9C4C1A52AEFB11B2160FE3257B2ACEAF
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Frame ID: A7E841AAA1277E546178133BB35AD097
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1634580565266
Frame ID: 944A3212E3292D401F02F749DBED7BED
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7FD477EA661086C5D168846074621FB5
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F3F009BD2686692BB15D7706A49B336C
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2684AE81-9251-404F-994E-540E73CB0A91
Frame ID: 6AEA66EF699EA3AB18DFED092C765051
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6525862033713072916
Frame ID: 04A51DB567DC7B555B711B6494DC597E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8849FF2E6D830F63DB4048C5673A1857
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
Frame ID: 971CA20F271005FD6D8BAEB4280FD43C
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

291
Requests

99 %
HTTPS

0 %
IPv6

75
Domains

133
Subdomains

99
IPs

12
Countries

3719 kB
Transfer

11785 kB
Size

108
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999 HTTP 302
  • https://8208269.fls.doubleclick.net/activityi;dc_pre=CKKO0Y3H1PMCFcbHUQodNV0P-w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999
Request Chain 41
  • https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999 HTTP 302
  • https://8234312.fls.doubleclick.net/activityi;dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999
Request Chain 55
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/133566/connatix.player.dc.js
Request Chain 57
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/133566/connatix.playspace.dc.js
Request Chain 66
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Request Chain 67
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Request Chain 70
  • https://pixel-a.basis.net/iap/dda8255d32e6482d HTTP 301
  • https://pixel.sitescout.com/iap/dda8255d32e6482d
Request Chain 71
  • https://clickserv.basis.net/conv/1ea036853c174e3a HTTP 301
  • https://clickserv.sitescout.com/conv/1ea036853c174e3a
Request Chain 87
  • https://adservice.google.de/ddm/fls/i/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/ HTTP 302
  • https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Request Chain 88
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Request Chain 89
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
Request Chain 92
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
Request Chain 93
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Request Chain 94
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
Request Chain 97
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
Request Chain 103
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 104
  • https://pixel-a.basis.net/iap/9f30138796dc7a6a HTTP 301
  • https://pixel.sitescout.com/iap/9f30138796dc7a6a
Request Chain 117
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&__user_check__=1&sync_id=85d20e86-303e-11ec-85d9-17d925990306
Request Chain 130
  • https://sltrib-d.openx.net/w/1.0/arj?auid=540769365&aus=728x90&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._mm0LQisj&cache=1634580563314&ttduuid=567680f8-24d9-476e-98f8-bd7261493f13 HTTP 302
  • https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769365&aus=728x90&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._mm0LQisj&cache=1634580563314&ttduuid=567680f8-24d9-476e-98f8-bd7261493f13
Request Chain 138
  • https://sltrib-d.openx.net/w/1.0/arj?auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._Ka8OUfzf&cache=1634580563339&ttduuid=567680f8-24d9-476e-98f8-bd7261493f13 HTTP 302
  • https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._Ka8OUfzf&cache=1634580563339&ttduuid=567680f8-24d9-476e-98f8-bd7261493f13
Request Chain 175
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
Request Chain 232
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 234
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=069C987E115A4EFB811BBDDDCE171260
Request Chain 235
  • https://j.mrpdata.net/c.html?ex=OpenX HTTP 302
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Request Chain 237
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Request Chain 239
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YW24WAAKHNgciQA6 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW24WAAKHNgciQA6&_test=YW24WAAKHNgciQA6
Request Chain 240
  • https://green.erne.co/openx/cm HTTP 302
  • https://pixel.onaudience.com/?mapped=XntLCbyBHqi3PbxDYAjvXqzB&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DXntLCbyBHqi3PbxDYAjvXqzB HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DXntLCbyBHqi3PbxDYAjvXqzB HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6fa5c2463178d9da22c1be6dc0c3f000&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DXntLCbyBHqi3PbxDYAjvXqzB HTTP 302
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DXntLCbyBHqi3PbxDYAjvXqzB HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=XntLCbyBHqi3PbxDYAjvXqzB
Request Chain 241
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8145206993111361502&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 242
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=vB7eTAWahOqrPKaNtQzeww==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 244
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 246
  • https://c1.adform.net/serving/cookie/match?party=14&cid=2684AE81-9251-404F-994E-540E73CB0A91 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2684AE81-9251-404F-994E-540E73CB0A91
Request Chain 247
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6525862033713072916
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JoSugZJRQE-ZTlQOc8sKkQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 250
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=51f9616d-b858-4400-9938-ab22e7d5113d
Request Chain 251
  • https://pixel.onaudience.com/?partner=214&mapped=2684AE81-9251-404F-994E-540E73CB0A91 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=2969eb3e5db78b84 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ec33bb-e788-4e6c-5eb6-23f772a7337a&reqId=674434e6-d777-4f1a-60fe-1992061f3c34&zcluid=2969eb3e5db78b84&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEERvk0pKiGxCoHpVJRZppS0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ec33bb-e788-4e6c-5eb6-23f772a7337a&reqId=674434e6-d777-4f1a-60fe-1992061f3c34&zcluid=2969eb3e5db78b84&zdid=1332
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjY4NEFFODEtOTI1MS00MDRGLTk5NEUtNTQwRTczQ0IwQTkx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEdh_N0G_KOb4U8jO_sFiXY&google_cver=1
Request Chain 255
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=567680f8-24d9-476e-98f8-bd7261493f13
Request Chain 256
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=256328738182924917
Request Chain 257
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5aef616d-b858-4000-b930-3413e8ad21ef&gdpr=0&gdpr_consent=
Request Chain 258
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9195677227594937297&gdpr=0&gdpr_consent=
Request Chain 259
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ek3h6y5E4rdhHba6Lh36vHRI57xhRbbtKUlOKJ4h
Request Chain 260
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2684AE81-9251-404F-994E-540E73CB0A91&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2684AE81-9251-404F-994E-540E73CB0A91&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wc_dBmFE2uVfbdNsLA1LnEFB4Cb6D.s-~A&gdpr=0&gdpr_consent=
Request Chain 262
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW24WE9XGEiVrZZztqykTAAABE4AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW24WE9XGEiVrZZztqykTAAABE4AAAAB&dcc=t
Request Chain 263
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YW24WE9XGEiVrZZztqykTAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFttccFG5pfhV0zn1PLhdQ4&google_cver=1&gdpr=1
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YW24WE9XGEiVrZZztqykTAAABE4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEF2f8zHq61KXm7VLoDGVjqo&google_cver=1
Request Chain 266
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=584bb2c0-cbb8-458f-8461-40c3fda1e4d6
Request Chain 267
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634666968&gdpr=1
Request Chain 268
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2669393895693887454
Request Chain 271
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUWZ2ATJ-D-K40A&sigv=1&esig=2~56ed8069f87de62e91b864e4d2907dde70be0d36
Request Chain 272
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XVbabBCPRydTRYfa_m9Sdw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4474588870518621457
Request Chain 273
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXWjJBVEotRC1LNDBB
Request Chain 274
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5aef616d-b858-4000-b930-3413e8ad21ef&expires=28
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDWIm3tvcNjIojTKA9mWYLk&google_cver=1
Request Chain 276
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI5ZWMyOWRjNjU2OThkMDIwYzE0ZDhmNjRjY2MyZTA4YTE2ZGNkMg
Request Chain 277
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW24WAAKHNgciQA6

291 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sltrib.com/news/2021/03/10/no-link-between-covid/ 		395 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
985e4a06420f8c11fd3275789c334b12a66fded63b22944719c3507fe1efa2c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:method
GET
:authority
www.sltrib.com
:scheme
https
:path
/news/2021/03/10/no-link-between-covid/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
server
openresty
content-encoding
gzip
etag
W/"62039-CVggKMQFaAMZRGPcniPQYykbdAE"
last-modified
Mon, 18 Oct 2021 18:09:20 GMT
vary
Accept-Encoding
x-akamai-transformed
9 73908 0 pmb=mRUM,2
cache-control
private, max-age=60
expires
Mon, 18 Oct 2021 18:10:20 GMT
date
Mon, 18 Oct 2021 18:09:20 GMT
set-cookie
arc-country=DE; expires=Mon, 18-Oct-2021 18:24:20 GMT; path=/ AKA_A2=A; expires=Mon, 18-Oct-2021 19:09:20 GMT; path=/; domain=sltrib.com; secure; HttpOnly
server-timing
cdn-cache; desc=REVALIDATE edge; dur=269 origin; dur=827
link
<https://sltrib.coral.coralproject.net>;rel="preconnect",<https://js.adsrvr.org>;rel="preconnect",<https://www.queryly.com>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://cmp.osano.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://cd.connatix.com>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect"
strict-transport-security
max-age=86400
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
arc-country
DE
main.css
www.sltrib.com/pf/resources/css/ 		113 B
726 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/css/main.css?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:19 GMT
content-encoding
gzip
x-amz-request-id
FN53F6TZQ6891VQG
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
88
x-amz-id-2
Ql44H1YRj8OsL6A0JENiU1zpugc6ohLA8Vr9a476ZrYG1oTabkDNHPopR8hVHZ8mZEmk0dtO+gs=
x-akamai-http2-push
1
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"c07ed12e990cf688bbb98cbc27f198a8"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
set-cookie
arc-country=DE; expires=Mon, 18-Oct-2021 18:24:19 GMT; path=/
expires
Tue, 18 Oct 2022 18:09:19 GMT
carousel.css
www.sltrib.com/pf/resources/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/css/carousel.css?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:19 GMT
content-encoding
gzip
x-amz-request-id
FN552630E1GCB901
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
826
x-amz-id-2
8YGa4vghsg05hbrlY3zxKvezGgAHU+63owA8RZ+KnSikRU/fAs2N72iLB2ae3kB5mU0ONPmVRlU=
x-akamai-http2-push
1
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"a967928dd3b5d82f2d2f613f61699944"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
set-cookie
arc-country=DE; expires=Mon, 18-Oct-2021 18:24:19 GMT; path=/
expires
Tue, 18 Oct 2022 18:09:19 GMT
count.js
sltrib.coral.coralproject.net/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sltrib.coral.coralproject.net/assets/js/count.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.156.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
29.156.244.35.bc.googleusercontent.com
Software
/
Resource Hash
eb92187bc7726534b1d4a2cc0409325cd71ecf285b7c2950b760b2881044189e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
age
1508
alt-svc
clear
content-length
1676
x-xss-protection
1; mode=block
x-trace-id
34974010-302a-11ec-be5d-33934ac6854d
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 20 Sep 2021 20:59:44 GMT
date
Mon, 18 Oct 2021 17:44:12 GMT
vary
Accept-Encoding
content-language
en-US
via
1.1 google
cache-control
public, max-age=1800, s-max-age=604800
etag
W/"68c-17c0501ea00"
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
embed.js
sltrib.coral.coralproject.net/assets/js/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sltrib.coral.coralproject.net/assets/js/embed.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.156.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
29.156.244.35.bc.googleusercontent.com
Software
/
Resource Hash
92bfdcca894c5564d57a8a74b493cd4df537a4909157b362abbd9739e71c16fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
age
926
alt-svc
clear
content-length
17046
x-xss-protection
1; mode=block
x-trace-id
5c45c4d0-303c-11ec-b15c-d52703b6eef2
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 20 Sep 2021 21:00:31 GMT
date
Mon, 18 Oct 2021 17:53:54 GMT
vary
Accept-Encoding
content-language
en-US
via
1.1 google
cache-control
public, max-age=1800, s-max-age=604800
etag
W/"4296-17c0502a198"
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
react.js
www.sltrib.com/pf/dist/engine/ 		271 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/engine/react.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
affcef1cf5582d4aa43b7a053ad38e4076a343588a84aa3d4588463cda0bc395
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/dist/engine/react.js?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
FN50ZY4F6CDA6KS8
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
86086
x-amz-id-2
T2KWyk4geWuOyuRJCXZQMF3xbX2mECB1m/K4NRhyVsV+tQYBEdsjmA+wE+6AjST0vfh4h6VG9Ps=
last-modified
Mon, 11 Oct 2021 22:28:16 GMT
server
openresty
etag
W/"b2d4421d2f0a707f9ab7d1f6ffa01675"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:20 GMT
default.js
www.sltrib.com/pf/dist/components/combinations/ 		1 MB
384 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/combinations/default.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
d96ccf636ef33b1e9c507b09979dd02b541989d68dc18a83be2cc9e3f275abbf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/dist/components/combinations/default.js?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
FN519YN8ZP12VYXC
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
391400
x-amz-id-2
5C1c0UIOfDUeWQrbof2aEPgDKgFV3w5OV/ABPBmqDJ1z2JKhZSI3vNaAsk0Vgwztz51EYfu0pV4=
last-modified
Mon, 11 Oct 2021 22:28:16 GMT
server
openresty
etag
W/"5e0325cba517accc2935e0dcea7d73e5"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:20 GMT
default.css
www.sltrib.com/pf/dist/components/output-types/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/output-types/default.css?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
0680615b6bf188287295e621b64538d8dbabc251c085a13137915a33450f70e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:19 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
FN5BGZM29M88M6TE
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
1396
x-amz-id-2
OkFMjDySQaF1sIGVe6MKm5/UFpeWjFYxm5SbSUCw8NlKOrm0oTC1r79Odny+umXhdew1oWX8Dog=
x-akamai-http2-push
1
last-modified
Mon, 11 Oct 2021 22:28:16 GMT
server
openresty
etag
W/"d745b567e637d37cfafb4d028be0f7fd"
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
set-cookie
arc-country=DE; expires=Mon, 18-Oct-2021 18:24:19 GMT; path=/
expires
Tue, 18 Oct 2022 18:09:19 GMT
default.css
www.sltrib.com/pf/dist/components/combinations/ 		140 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/combinations/default.css?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
98116242c6e7f32ff1c53ef9a1c123c2d7f3e6b34f02721c7468460a2ccd1894
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:19 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
FN58CQE4ZJ71FZGQ
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
17707
x-amz-id-2
djav/O5Z2kJW4O4qAeD6YBp9O7cDwLlrzPdVd4EBg4wDFv5n6YM1p83RDupQSNwQtvZMraaFBQ8=
x-akamai-http2-push
1
last-modified
Mon, 11 Oct 2021 22:28:16 GMT
server
openresty
etag
W/"3ef3882de70b28035b8b17a6f168c965"
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
set-cookie
arc-country=DE; expires=Mon, 18-Oct-2021 18:24:19 GMT; path=/
expires
Tue, 18 Oct 2022 18:09:19 GMT
812ed2c8-76c2-42e1-b690-3a87ab025bce.png
www.sltrib.com/resizer/lmhiCuD4SoWSFQ8DzYFUFFofWH0=/60x60/s3.amazonaws.com/arc-authors/sltrib/ 		996 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/lmhiCuD4SoWSFQ8DzYFUFFofWH0=/60x60/s3.amazonaws.com/arc-authors/sltrib/812ed2c8-76c2-42e1-b690-3a87ab025bce.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
734177d11a259613a01026c55a0b390a5d9fd2955086fca22ae02b33c7dec537
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/resizer/lmhiCuD4SoWSFQ8DzYFUFFofWH0=/60x60/s3.amazonaws.com/arc-authors/sltrib/812ed2c8-76c2-42e1-b690-3a87ab025bce.png
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
x-check-cacheable
YES
x-serial
1067
arc-country
DE
etag
"f2a8c1821038ee96eb7355cc6bb6fbd40866d260"
strict-transport-security
max-age=86400
content-type
image/webp
x-edgeconnect-cache-status
1
cache-control
private, max-age=17003839
last-modified
Mon, 03 May 2021 13:23:25 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
996
server
Akamai Image Manager
expires
Tue, 03 May 2022 13:26:39 GMT
CAMSZ2OWOBGUXKW46NYMSD2JZE.png
www.sltrib.com/resizer/M6zwX1kKMkHu8Z8uXVUKeFM6plo=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/M6zwX1kKMkHu8Z8uXVUKeFM6plo=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/CAMSZ2OWOBGUXKW46NYMSD2JZE.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
aac4551f7c4af39a0614508108a3029ac07febc405b0a20ddaa1d9649e48f9db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/resizer/M6zwX1kKMkHu8Z8uXVUKeFM6plo=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/CAMSZ2OWOBGUXKW46NYMSD2JZE.png
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
x-check-cacheable
YES
x-serial
423
arc-country
DE
etag
"f208876fff231d530dbfb691ae9f03e911a27e23"
strict-transport-security
max-age=86400
content-type
image/webp
cache-control
private, no-transform, max-age=31436069
last-modified
Sun, 17 Oct 2021 14:23:59 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
4904
server
Akamai Image Manager
expires
Mon, 17 Oct 2022 14:23:49 GMT
LGIEPCKEB5AQVB5WQA2MKBM7KE.jpg
www.sltrib.com/resizer/WvvSUfLAgoa3zstojvleooNoXlU=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/WvvSUfLAgoa3zstojvleooNoXlU=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/LGIEPCKEB5AQVB5WQA2MKBM7KE.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7b0c7c717a2a887f1cfe30542e03b025be4be204acbf30936915509aaab6c4f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/resizer/WvvSUfLAgoa3zstojvleooNoXlU=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/LGIEPCKEB5AQVB5WQA2MKBM7KE.jpg
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
last-modified
Sun, 17 Oct 2021 14:23:04 GMT
server
Akamai Image Manager
arc-country
DE
etag
"36d0e6c97d1fcdac941c6cb8575f149839c31a6c"
strict-transport-security
max-age=86400
content-type
image/webp
cache-control
private, no-transform, max-age=31436048
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
4226
expires
Mon, 17 Oct 2022 14:23:28 GMT
VRQOLSVMD5BLPP6UNNTIH2U444.jpg
www.sltrib.com/resizer/D_3yrYcCA8wyEFSgsqRzPVjT1gI=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/D_3yrYcCA8wyEFSgsqRzPVjT1gI=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/VRQOLSVMD5BLPP6UNNTIH2U444.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
973062a297c40cb6ca1299843ec6f7c05fce8e02a5ac35082c64afa9ea47bfed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/resizer/D_3yrYcCA8wyEFSgsqRzPVjT1gI=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/VRQOLSVMD5BLPP6UNNTIH2U444.jpg
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
x-check-cacheable
YES
x-serial
1248
arc-country
DE
etag
"6293f1272550743ed8c0fd08cc4d4e033ff15b85"
strict-transport-security
max-age=86400
content-type
image/webp
cache-control
private, no-transform, max-age=31431274
last-modified
Sun, 17 Oct 2021 13:05:05 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
2774
server
Akamai Image Manager
expires
Mon, 17 Oct 2022 13:03:54 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.85.149 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-85-149.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 04:12:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
50223
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
Yx_zmE-LdyXpg10s8-kFaHox8HfCT2Qv66oDnuY1-lEQTvZc7zVivw==
ballantine.js
www.sltrib.com/pf/resources/js/ 		465 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ballantine.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/js/ballantine.js?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
FN5BFVMH6WS5578A
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
262
x-amz-id-2
xDS3ML6fYYh9SBCEBU31zcSdkE6MRk6QFaBoZX6WlXwO8qUlsWLuaeVrhR0PnKdAxrK1AdevvI8=
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"75f660e0bf36975883d65bcb4206e252"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:20 GMT
sltrib-logo.svg
www.sltrib.com/pf/resources/svg/ 		28 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/sltrib-logo.svg?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/svg/sltrib-logo.svg?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
FN5956X8JJGXES6T
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
10808
x-amz-id-2
IA117+iaJxMutWZwPlHytT4mQRn9WyGj7F3CiiHmM8FrVx8nt+nyCKszYmOd9nHJ9+v925IoPvY=
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"25e4e564ed5f244539f01a165c33c5aa"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:20 GMT
trib_masthead.svg
www.sltrib.com/pf/resources/svg/ 		34 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/trib_masthead.svg?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
d7ab0f1e31217960c7bcf0bdb822374271344c75aab4da7825505571e7e9035e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/svg/trib_masthead.svg?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
FN5FVHJQE7EK06BW
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
10113
x-amz-id-2
MFasylYWAgtl8AU9Is0Sk8GsYESBqKTiDKdd8CPu3GaUOQUcCZyfUzSJOgO3CZHsmkc9vBAPtzU=
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"ac682bbc23ad2715870b9244bcf8f9d5"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:20 GMT
ad-video.js
www.sltrib.com/pf/resources/js/ 		736 B
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ad-video.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
5667221d6dbbbcd25aad22b734bb02b2afa806492457c6d41396b6a6d6cffd38
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/js/ad-video.js?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
FN5E2MGGVF429532
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
340
x-amz-id-2
uwkN9SYEwqknv7SdemmxnVl3+dnJhq+/Xb8/w0L6Z2W8exZoUGLEm5idoghoZX6lBQku5+bKXfE=
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"11f2b6956152305324e354bfd9b905bd"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:20 GMT
outbrain.js
widgets.outbrain.com/ 		188 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bd408a5a042b26302422015b360c781e0a7f49de63198b53acedf20931c90b66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 12:36:51 GMT
etag
W/"2f1e2-IIs5eM92qw6rh9rBNZ8lWT9geoc"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
84d334e34e34d976863d483b7222b9e3
timing-allow-origin
*, *
content-length
64092
expires
Mon, 18 Oct 2021 22:09:20 GMT
google-analytics.js
www.sltrib.com/pf/resources/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/google-analytics.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
72d3bb48505405120796571830ae74c4f871f03a9052d080cde2190aa926b1ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:19 GMT
content-encoding
gzip
x-amz-request-id
FN5DK200ZKVR33W7
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
931
x-amz-id-2
WkOJwBrLzhl4FZ31Rtv5SNvaWG62MIVJzsW7j92mPms2eSD7lAaP21MEePy4r3bPqglA2iTjAxc=
x-akamai-http2-push
1
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"2615a770e33c9ec8523382d136d1f7e8"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
set-cookie
arc-country=DE; expires=Mon, 18-Oct-2021 18:24:19 GMT; path=/
expires
Tue, 18 Oct 2022 18:09:19 GMT
google-tag-manager.js
www.sltrib.com/pf/resources/js/ 		747 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:19 GMT
content-encoding
gzip
x-amz-request-id
FN5C1BGEPE5KJ2D5
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
406
x-amz-id-2
LWKgHy4VABjU+Wl6QADD5sRXiykmj27LY6j+QkclDF3cbMOCz0wuEP3OtyxzRH9qWSG3CHXg/T4=
x-akamai-http2-push
1
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"d2c8fb2ca910eadf27baa9157fba21a3"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
set-cookie
arc-country=DE; expires=Mon, 18-Oct-2021 18:24:19 GMT; path=/
expires
Tue, 18 Oct 2022 18:09:19 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f54e27d486114ee3dc179d87cccb955f908477e5ad4cef408162e85222d157a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1018 / 58 of 1000 / last-modified: 1634555106"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27182
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 18:09:20 GMT
chartbeat.js
www.sltrib.com/pf/resources/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/chartbeat.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
b6322113217b4fac79ad5b27613c9c66d466e67fad90363e743c87df4843acd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:19 GMT
content-encoding
gzip
x-amz-request-id
FN51CZZ8Z6Q9C5SN
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
1314
x-amz-id-2
DeYhDhlu3esfDqq+HyLqAZQT3OJKsr3/qcnu1woBJcrim+D9/LxzwUdJF8rL6dRuTDFI5LSy5Bg=
x-akamai-http2-push
1
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"22d3c7b3a6a4b2de423042230a8a3822"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
set-cookie
arc-country=DE; expires=Mon, 18-Oct-2021 18:24:19 GMT; path=/
expires
Tue, 18 Oct 2022 18:09:19 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.190.164 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-190-164.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:58:36 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 15:47:37 GMT
server
nginx
age
644
etag
W/"60e71e19-5a0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
zqQH3HjXF3vLECNxrcHtJLEmt65zNLt8_inFKq3-QyWKMq80rDsS4Q==
expires
Mon, 18 Oct 2021 19:58:36 GMT
apstag.js
www.sltrib.com/pf/resources/js/ 		949 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/apstag.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
4f820f0ef60feea0b9127f668b9fb37ed82e6f9265859d43a826336cf428f507
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/js/apstag.js?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
FN5AZ9EPCXFKRZAZ
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
495
x-amz-id-2
zbSevZeOJ8a/qVTxy4tWQwzpsaQ4BKdoZhp9gwOXfkbUJz1Vb6CWnyq7on8si8DuG6uXkpmJOGI=
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"2ee185c1ae18ff242247763a007ccf2e"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:21 GMT
ad-slider.js
www.sltrib.com/pf/resources/js/ 		730 B
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ad-slider.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/js/ad-slider.js?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
gzip
etag
W/"c1aae5ed5833503095f1c285308e8ac3"
x-amz-request-id
FN54Q7TK6JX1CSTY
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
351
x-amz-id-2
o2VmMiiA1UvsUvWFtLJNcZ848/TtlmgtAG8b6jUXgBkqk2VkLpgsJ3QGLR/xMKOl10U3isN5TVU=
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
x-edgeconnect-cache-status
3
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:21 GMT
ad-blocker.js
www.sltrib.com/pf/resources/js/ 		694 B
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ad-blocker.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/js/ad-blocker.js?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
FN5E9ABMQXV2E3DH
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
394
x-amz-id-2
YkTlAsfiXa01KBm+aS7wOdfoDOROsBa/Jm67RnQPjs1m4rZ+A7SNSTZZ9doMr1eYWEVThzkuAvM=
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"8400f83f0cc8263a503add31576d1164"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:21 GMT
piano.js
www.sltrib.com/pf/resources/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/piano.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
b07c264563622bdb1a5a4800ae3448882ee6fb6cdb8e79ffe00e96439a4965e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/js/piano.js?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
FN5E6723W0026KEJ
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
953
x-amz-id-2
F8rKA5+rko9spTGIaB3AZ5RWYA4wWZRA8NXXm8IdvlXbR75zl61cj5e/p+so6GoN9JlYCVhX7sw=
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"9054e433eee0c9fc20dbf7f16802b970"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:21 GMT
osano.js
cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/ 		392 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-88.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
96fa5a340f5114714f2e622979e6b755a823da552883dcdd0329304ef367d549
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 16:46:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
4950
x-cache
Hit from cloudfront
content-length
100724
x-xss-protection
mode=block
last-modified
Mon, 18 Oct 2021 15:16:58 GMT
server
CloudFront
x-frame-options
SAMEORIGIN
etag
"ce96331e860ff7199bfad2c3208e3e0c"
strict-transport-security
max-age=2592000
content-type
application/javascript; charset=utf-8
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ULN6U_X-OPzAbk6Waf1Y0UMu9O3cnxkAEMWjKveLexX7Z1-qqTP7_w==
8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
d3plfjw9uod7ab.cloudfront.net/ 		107 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.151 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-151.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
a652c4c938a30cb1d2035280f3e8993908dc1587d484efe553ee4e7ad82b34ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
server
Cowboy
x-amz-cf-pop
FRA2-C2
etag
D71C3DBCF34B82699D8EB967F7CA40DD50C74FE1
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
109358
x-amz-cf-id
DJN_eRel3udW3pb2CuMdcaQy96cYccMlBdNoZo3U2Tfpe6_rNpvoAA==
x-request-id
Fq5AWFxAKG-FkDcBg11R
facebook.js
www.sltrib.com/pf/resources/js/ 		846 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/facebook.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:19 GMT
content-encoding
gzip
x-amz-request-id
FN5DKXC5F6FA01N1
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
441
x-amz-id-2
Rn7e0zdosGb1baG0lKNrca+1GvIvDZoVL4t8ndyWP08kNANnrx26/bgh+OZVt/Ca2BOgJyNtMtY=
x-akamai-http2-push
1
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"88ccd8266f9a877f78c9ea893d8b8afd"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
set-cookie
arc-country=DE; expires=Mon, 18-Oct-2021 18:24:19 GMT; path=/
expires
Tue, 18 Oct 2022 18:09:19 GMT
twitter.js
www.sltrib.com/pf/resources/js/ 		805 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/twitter.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:19 GMT
content-encoding
gzip
x-amz-request-id
FN5DQK3WMF8WSHHK
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
428
x-amz-id-2
QwCSC78oW93XeB45mWrYE7X/pzn0jtTFBt8koTvBjy3mEC0Zx1fgvFdr94M7wqMG17OA59HM8ik=
x-akamai-http2-push
1
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"5a2f1dc2518862e9d5beed543cee9f82"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
set-cookie
arc-country=DE; expires=Mon, 18-Oct-2021 18:24:19 GMT; path=/
expires
Tue, 18 Oct 2022 18:09:19 GMT
queryly.v4.js
www.queryly.com/js/ 		45 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/queryly.v4.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
32c8dcaca4789dc71d25134dfa1394642f6c5cd5aa71e5eb75c27c48ad8ba162

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6129
x-powered-by
ASP.NET
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
last-modified
Mon, 04 Oct 2021 01:36:38 GMT
server
cloudflare
etag
W/"0171946c0b8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYR8GJjFCUf7mq%2F59s1krofw%2Bk3oS3vvxdgXPxiOxcmnxutmjrt%2BW7aXRShHoMTGHWd9PVw%2FopgVR9hHgoXJnkKIDDbg1VzLHtNc6aP0G3sACRekCIUrMXdBP7IId7CoNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
6a03b799cbf4277c-PRG
access-control-allow-headers
*
queryly.js
www.sltrib.com/pf/resources/js/ 		137 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/queryly.js?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
aa21d0ddbc7cb318d1367bab72630267ec09559a269a23672cebf582d36386ca
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:19 GMT
content-encoding
gzip
x-amz-request-id
FN5CQYHTAVH4XTNN
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
137
x-amz-id-2
q3KMpFz1BNnvlcr3ECrdciM4lw4u1xnqJ/K/xjITlqC7kkVT6F5oAHt0U/H+leUJVpzm28242kI=
x-akamai-http2-push
1
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"6f71954a503275c7a33c5069434fddb5"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
set-cookie
arc-country=DE; expires=Mon, 18-Oct-2021 18:24:19 GMT; path=/
expires
Tue, 18 Oct 2022 18:09:19 GMT
sltrib-advanced-search.js
www.queryly.com/js/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/sltrib-advanced-search.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b7618206e20ad8c415a0879f166e6fbaa9a54fbb70bcf9b3ba027c36aef225b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82787
x-powered-by
ASP.NET
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
last-modified
Tue, 14 Sep 2021 18:36:43 GMT
server
cloudflare
etag
W/"49e3177797a9d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJNIkFntddxhT%2BwiueWIcZGKqsNOrqvXrvg0WqBzBDlhsEzKJoQapxKDscLzGAFWzYnVmjeJPsW2AwMaPgGf3CE6Mp34QoyUvje9yJfU2wyFJLhag%2BWEr7kLH1HAyF7%2Bbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
6a03b799cbf6277c-PRG
access-control-allow-headers
*
EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
s.go-mpulse.net/boomerang/ Frame D44D 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.229 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:20 GMT
content-encoding
br
last-modified
Thu, 09 Sep 2021 16:44:40 GMT
x-n
S
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
AOXI22YH4FHSJC65BYRWWY5NV4.jpg
www.sltrib.com/resizer/aVy3qJC4Ge21c_v8kADhS0JEKkk=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/aVy3qJC4Ge21c_v8kADhS0JEKkk=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/AOXI22YH4FHSJC65BYRWWY5NV4.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2ee67a5dc576962ba54d2c11769fe77b66e7cb9ec9af6a28ce7c67f079c92f3d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/resizer/aVy3qJC4Ge21c_v8kADhS0JEKkk=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/AOXI22YH4FHSJC65BYRWWY5NV4.jpg
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
last-modified
Mon, 12 Jul 2021 16:42:31 GMT
server
Akamai Image Manager
arc-country
DE
etag
"b7e6d6e95396ab0dcd87d029f47b66cb1dfed29d"
strict-transport-security
max-age=86400
content-type
image/webp
cache-control
private, no-transform, max-age=23063705
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT edge; dur=276
content-length
25484
expires
Tue, 12 Jul 2022 16:44:26 GMT
truncated
/ 		842 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/google-analytics.js?d=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
495
date
Mon, 18 Oct 2021 18:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 18 Oct 2021 20:01:06 GMT
gtm.js
www.googletagmanager.com/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
087ea750095b1abda29404a38ca90ccae4215aef86392a06ce7a15d007e60f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51611
x-xss-protection
0
expires
Mon, 18 Oct 2021 18:09:21 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/chartbeat.js?d=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.190.164 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-190-164.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:17:55 GMT
content-encoding
gzip
last-modified
Fri, 09 Jul 2021 00:11:37 GMT
server
nginx
age
3085
etag
W/"60e79439-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
nB4ZpmVyTAjcqEvO691DmokLDvR-wexqb_cfNDtPCaMBv7qNpNNFVQ==
expires
Mon, 18 Oct 2021 19:17:55 GMT
activityi;dc_pre=CKKO0Y3H1PMCFcbHUQodNV0P-w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999
8208269.fls.doubleclick.net/ Frame E563
Redirect Chain
  • https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
  • https://8208269.fls.doubleclick.net/activityi;dc_pre=CKKO0Y3H1PMCFcbHUQodNV0P-w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
387 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8208269.fls.doubleclick.net/activityi;dc_pre=CKKO0Y3H1PMCFcbHUQodNV0P-w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
35f8e56eb42f9a1891f9ee0196bfb312f3b013a77f9a0191eb61e3f7d5157691
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8208269.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKKO0Y3H1PMCFcbHUQodNV0P-w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 18 Oct 2021 18:09:21 GMT
expires
Mon, 18 Oct 2021 18:09:21 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
320
x-xss-protection
0
set-cookie
IDE=AHWqTUn7KqrIddXn_Ec6fBMGn-wxIDGZOvNeOJg-DGtggA0BZjN-y2dXGFuUly5seB8; expires=Sat, 12-Nov-2022 18:09:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 18 Oct 2021 18:09:21 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8208269.fls.doubleclick.net/activityi;dc_pre=CKKO0Y3H1PMCFcbHUQodNV0P-w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999
8234312.fls.doubleclick.net/ Frame 27A3
Redirect Chain
  • https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
  • https://8234312.fls.doubleclick.net/activityi;dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
524 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8234312.fls.doubleclick.net/activityi;dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
2bcd736916e50f0106eaeb728809ae8a5eca973ee07192599f1a3506fac3cbec
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8234312.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 18 Oct 2021 18:09:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
401
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 18-Oct-2021 18:24:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 18 Oct 2021 18:09:21 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8234312.fls.doubleclick.net/activityi;dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/twitter.js?d=240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra
DE-BB
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kcgs7200163-IAD, cache-fra19158-FRA
whitecloseicon.png
www.queryly.com/images/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265427
x-powered-by
ASP.NET
content-length
816
last-modified
Thu, 11 Jun 2020 23:20:57 GMT
server
cloudflare
etag
"d7046f64640d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViYHCGtxBjKnBI2YDj6Xp18BunE30qt2f%2FudKZrm5q0NlqiAK4YaLlePYeGPifUpK08HI7JWNpIplgAGrzi7Yehg5nYsaKpwCS2BUnIDvnbleZ%2FjR8e6RB4Rcx%2FMgr6QKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a03b79b0e65277c-PRG
access-control-allow-headers
*
coral-comments
www.sltrib.com/pf/api/v3/content/fetch/ 		21 B
407 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/api/v3/content/fetch/coral-comments?query=undefined&d=240&_website=sltrib
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/dist/engine/react.js?d=240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/api/v3/content/fetch/coral-comments?query=undefined&d=240&_website=sltrib
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A; RT="z=1&dm=sltrib.com&si=v82mfcyub0m&ss=kuwz28o6&sl=0&tt=0"; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
server
openresty
arc-country
DE
etag
W/"15-/6VXivhc2MKdLfIkLcUE47K6aH0"
strict-transport-security
max-age=86400
content-type
text/plain; charset=utf-8
cache-control
max-age=52
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
21
expires
Mon, 18 Oct 2021 18:10:13 GMT
menu.svg
www.sltrib.com/pf/resources/svg/ 		222 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/menu.svg?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/svg/menu.svg?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A; RT="z=1&dm=sltrib.com&si=v82mfcyub0m&ss=kuwz28o6&sl=0&tt=0"; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
G0SPVVRW9HMC4P9F
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
188
x-amz-id-2
nFwkSlOLmS/ShQTzRGQ1fMox/KcA4uDhcNxUZyQH2dpnCKvlC5Cj+SyeLhAhn9NTeYZ4xwJMR6Y=
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"2ad563e730ce63c718f6dbed5962a52a"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:21 GMT
whitesearchicon.png
www.sltrib.com/pf/resources/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/img/whitesearchicon.png?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
22bc956a539f85eb61b4e61a9601c9cafd7df6b5caf2b119c0e142fce86a50e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/img/whitesearchicon.png?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A; RT="z=1&dm=sltrib.com&si=v82mfcyub0m&ss=kuwz28o6&sl=0&tt=0"; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
last-modified
Mon, 11 Oct 2021 22:31:36 GMT
server
Akamai Image Manager
arc-country
DE
etag
W/"3b58a206fb7dc186939b1000fb5bbd91"
strict-transport-security
max-age=86400
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=30946913
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT edge; dur=9
content-length
2012
expires
Tue, 11 Oct 2022 22:31:14 GMT
Trib_masthead_top_000000.svg
www.sltrib.com/pf/resources/svg/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/Trib_masthead_top_000000.svg?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/svg/Trib_masthead_top_000000.svg?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A; RT="z=1&dm=sltrib.com&si=v82mfcyub0m&ss=kuwz28o6&sl=0&tt=0"; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
G0SPC3TP2X7X3M5D
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
4810
x-amz-id-2
ahcgOU5h9/eJZkSxuN0gYiLpAkCmCjAzTKammAiYMN2Nefpi3AEk/wPPsGC64mSqU9R22m15QSY=
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"0a6e5f60fd6a9d23f560d424745802f9"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:21 GMT
person.svg
www.sltrib.com/pf/resources/svg/ 		291 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/person.svg?d=240
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

:path
/pf/resources/svg/person.svg?d=240
pragma
no-cache
cookie
arc-country=DE; AKA_A2=A; RT="z=1&dm=sltrib.com&si=v82mfcyub0m&ss=kuwz28o6&sl=0&tt=0"; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sltrib.com
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
G0SPGFE4WJDHVWTA
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT edge; dur=1
content-length
222
x-amz-id-2
Mn6c06o0z+tavOlHv44KlKXcnKiXBNuw6ZLTW1b5tz1Wf7jOhXu9040Qesn0IU/izlnjqPDlALM=
last-modified
Mon, 11 Oct 2021 22:28:15 GMT
server
openresty
etag
W/"0b49da62bedb71c6594b7421f72768e1"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Tue, 18 Oct 2022 18:09:21 GMT
pubads_impl_2021101201.js
securepubads.g.doubleclick.net/gpt/ 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
124532
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 18:09:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		242 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
fa1c22841b2d731bd4f86827eeb1c9841e22230d3e2ca016f50a621adab365ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
135
x-xss-protection
0
expires
Mon, 18 Oct 2021 18:09:21 GMT
d3d3LnNsdHJpYi5jb20=
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LnNsdHJpYi5jb20=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.122.252.200 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-252-200.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 18:09:21 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=36436
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
c097dad80ea2f236a6da2c90a5e4b035
Content-Length
15
Expires
Tue, 19 Oct 2021 04:16:37 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=8.88276679321548
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Wed, 17 Nov 2021 18:09:21 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		194 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=sltrib.com&domain=sltrib.com&path=%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8f11b2bfeb8d53f53f9689942afc81bfac42debe8851f7f38b0a85c9504f6595

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
154
x-served-by
cache-hhn4076-HHN
access-control-allow-origin
*
x-timer
S1634580562.096647,VS0,VE106
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 16 Oct 2021 18:09:22 GMT
5b7c3a1d-7951-417d-b29c-f00dc5ce7368
https://www.sltrib.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/5b7c3a1d-7951-417d-b29c-f00dc5ce7368
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
connatix.player.dc.js
cds.connatix.com/p/133566/ Frame 8ACC
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/133566/connatix.player.dc.js
1 MB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/133566/connatix.player.dc.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
765a9009021962356534119eff5f6bdff6e05350c57817790abcafb094cdcde6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 16:56:24 GMT
age
4147
etag
"198266095d0f23d1d5515ccf28e329fb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
230946

Redirect headers

location
https://cds.connatix.com/p/133566/connatix.player.dc.js
date
Mon, 18 Oct 2021 18:09:22 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/apstag.js?d=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding
gzip
etag
e2b905aea413c4d7479fb2bb9cbc6c65
age
851
x-cache
Hit from cloudfront
server
Server
x-amz-rid
10GCC5M0JAXN70T382DK
date
Mon, 18 Oct 2021 17:55:33 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
H3nLZJAeyR76R9l2JASFa-NUt864fICZXfHyrNVGqQSGo02N78EiYA==
connatix.playspace.dc.js
cds.connatix.com/p/133566/ Frame 0127
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/133566/connatix.playspace.dc.js
1 MB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/133566/connatix.playspace.dc.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d8a633f49f73344254aaf97549b037c397addbcf66cb8346406b6fc8c1ae9f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 16:56:24 GMT
age
4147
etag
"05bcee757271e32539795e73eced8110"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
240651

Redirect headers

location
https://cds.connatix.com/p/133566/connatix.playspace.dc.js
date
Mon, 18 Oct 2021 18:09:22 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/ad-blocker.js?d=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.60.63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1050
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
MY9S0PJDNWKA0N4N
x-amz-id-2
u+L7370psI8SIxAmhNpCXyD7oSJ5Mvj4UhFctRtjgqEQW9IRVxx/Z0CAHkLIPiAPTAks5+rBcUw=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8ZwanhXz1C91H67OBJe9PXM0BPC53GKeaVvqKa5fMEfCupxwnP50%2FZKINlj26T%2BiUhf6LYxujdSaP8VzHoW96xVjao1EG8NERtjd8fa2UMg7ngG7LiQUxeoiR01b5BPnQA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6a03b7a14e2f1f1d-FRA
load
experience.tinypass.com/xbuilder/experience/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=vxCIN3E3cT
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/piano.js?d=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
281a1c5996dabee532e69c0be0d9bdef31178f9eb492bd9d96a3d69083894889
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
Cmfq61rTzaB
wn
prod-exp-10-0-116-179
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
6a03b7a14db52784-PRG
expires
Mon, 18 Oct 2021 18:39:22 GMT
placement_invocation
ob.cheqzone.com/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-58.fra2.r.cloudfront.net
Software
/
Resource Hash
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 09:11:19 GMT
content-encoding
gzip
cheq_headers_order
Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
age
32283
etag
"c6e6-H+PLdQz0EEd97ZlT78HNXlxTPcM"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
FRA2-C1
content-length
19276
x-amz-cf-id
YDeuDlRsWyITpzyJDLEAlsJhUbRkh0Ri5-JjjzRSwKU7wuiYjghHUw==
expires
Mon, 18 Oct 2021 21:11:19 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sltrib.com&p=%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&u=DhWz8sC9eA2GCqeDAk&d=sltrib.com&g=65212&g0=Health&g1=Sean%20P.%20Means&n=1&f=00001&c=0&x=0&m=0&y=6061&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2240&t=B1XhKABKiyPUDC4LiOCVajNOVBWdb&V=128&i=No%20link%20between%20COVID-19%20vaccine%20and%204%20Utahns%20who%20died%20after%20shots%2C%20medical%20examiner%20says&tz=0&_hottopic=&sn=1&sv=BdicpLCxCzyZDTNyz1CexHvV5gfiZ&sd=1&im=067b2ff3&_
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.215.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-215-174.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
adsct
analytics.twitter.com/i/ 		31 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o0jhs&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=34456cf1-b0eb-494a-9d72-e9a71a1d0cc0&tw_document_href=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Mon, 18 Oct 2021 18:09:22 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
dd845a92e17e028295346b8fa6eb4799551dafafa5ac6fa67f58b7a29961075f
x-transaction
011b5eb021d3f5d3
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o0jhs&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=34456cf1-b0eb-494a-9d72-e9a71a1d0cc0&tw_document_href=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Mon, 18 Oct 2021 18:09:22 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
d5eefbe72f0d239ed37e3bd1ceb24ffa3c1ba3fea17a387ac5abe7f9ba87b314
x-transaction
26e4aecc35a5cf32
expires
Tue, 31 Mar 1981 05:00:00 GMT
js
www.googletagmanager.com/gtag/ 		123 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DC2TJEE08T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
614bb599b7fd80a9d1aecc5de3daffcbff1ac9d93f3a88872852341e0b1ac8a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
49374
x-xss-protection
0
expires
Mon, 18 Oct 2021 18:09:21 GMT
186212-190626348116582.js
js-sec.indexww.com/ht/p/ 		175 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9a3a594fef3383e7b5fc71387a1ed0e81cabe34ca1782cbc5972c03b332cdbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 18:09:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 17:50:33 GMT
Server
Apache
ETag
"903dce-2bba8-5cea42e78143f"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2452
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
44752
Expires
Mon, 18 Oct 2021 18:50:14 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame E887
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
d13f75258af94187679cd8a64ca79c55aca966bae5af60231f575faaf84d8aa7

Request headers

:method
GET
:authority
pixel.sitescout.com
:scheme
https
:path
/dmp/asyncPixelSync?cookieQ=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
cookie
ssi=57fd39f8-a0fa-4b09-87ab-776bd2526cb0#1634580562312
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
set-cookie
ssi=57fd39f8-a0fa-4b09-87ab-776bd2526cb0#1634580562312; Domain=.sitescout.com; Expires=Tue, 18-Oct-2022 18:09:22 GMT; Path=/; Secure; SameSite=None _ssuma=eyIzNCI6MTYzNDU4MDU2MjMzOCwiMiI6MTYzNDU4MDU2MjMzOCwiNCI6MTYzNDU4MDU2MjMzOCwiMzkiOjE2MzQ1ODA1NjIzMzgsIjciOjE2MzQ1ODA1NjIzMzh9; Domain=.sitescout.com; Expires=Wed, 17-Nov-2021 18:09:22 GMT; Path=/; Secure; SameSite=None
content-type
text/html;charset=UTF-8
content-length
1139
date
Mon, 18 Oct 2021 18:09:21 GMT
server
AC1.1

Redirect headers

set-cookie
ssi=ab0d8a8e-2af8-4e25-abae-db39acf882b4#1634580562314; Domain=.sitescout.com; Expires=Tue, 18-Oct-2022 18:09:22 GMT; Path=/; Secure; SameSite=None
location
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
content-length
0
date
Mon, 18 Oct 2021 18:09:21 GMT
server
AC1.1
asyncPixelSync
pixel.sitescout.com/dmp/ Frame AC85
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
d13f75258af94187679cd8a64ca79c55aca966bae5af60231f575faaf84d8aa7

Request headers

:method
GET
:authority
pixel.sitescout.com
:scheme
https
:path
/dmp/asyncPixelSync?cookieQ=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
cookie
ssi=57fd39f8-a0fa-4b09-87ab-776bd2526cb0#1634580562312
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
set-cookie
ssi=57fd39f8-a0fa-4b09-87ab-776bd2526cb0#1634580562312; Domain=.sitescout.com; Expires=Tue, 18-Oct-2022 18:09:22 GMT; Path=/; Secure; SameSite=None _ssuma=eyIzNCI6MTYzNDU4MDU2MjMzNywiMiI6MTYzNDU4MDU2MjMzNywiNCI6MTYzNDU4MDU2MjMzNywiMzkiOjE2MzQ1ODA1NjIzMzcsIjciOjE2MzQ1ODA1NjIzMzd9; Domain=.sitescout.com; Expires=Wed, 17-Nov-2021 18:09:22 GMT; Path=/; Secure; SameSite=None
content-type
text/html;charset=UTF-8
content-length
1139
date
Mon, 18 Oct 2021 18:09:21 GMT
server
AC1.1

Redirect headers

set-cookie
ssi=57fd39f8-a0fa-4b09-87ab-776bd2526cb0#1634580562312; Domain=.sitescout.com; Expires=Tue, 18-Oct-2022 18:09:22 GMT; Path=/; Secure; SameSite=None
location
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
content-length
0
date
Mon, 18 Oct 2021 18:09:21 GMT
server
AC1.1
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
VpVyUVBFK88C6lWCjVhYCGCy5NMPRjGZxhR8DChLmpSXKI9GHpQH2mz6jbUd4pvuyBDBDCWbe+IuNM+bJdUc6Q==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 18 Oct 2021 18:09:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pushly-sdk.min.js
cdn.p-n.io/ 		307 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=8TvuqyAv5q0L7mPKRbEHz1EQbjDrAwgM2XRu
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-46.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc5ad5068a6a326e2b8a3382ac1dca0b67f93f592dee63037a1aab0b2995c8f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 08:25:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"393b45abe619168e50d06506d251e668"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-id
slDtrYgqNsHcPdAZ9ONF4ROIZjiMB09FPFg_Sq_p2iio5QiFnEUJ-w==
dda8255d32e6482d
pixel.sitescout.com/iap/
Redirect Chain
  • https://pixel-a.basis.net/iap/dda8255d32e6482d
  • https://pixel.sitescout.com/iap/dda8255d32e6482d
0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/dda8255d32e6482d
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:21 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/iap/dda8255d32e6482d
content-length
0
1ea036853c174e3a
clickserv.sitescout.com/conv/
Redirect Chain
  • https://clickserv.basis.net/conv/1ea036853c174e3a
  • https://clickserv.sitescout.com/conv/1ea036853c174e3a
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clickserv.sitescout.com/conv/1ea036853c174e3a
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.189 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-type
image/gif
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://clickserv.sitescout.com/conv/1ea036853c174e3a
content-length
0
config.json
c.go-mpulse.net/api/ Frame D44D 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6&d=www.sltrib.com&t=5448602&v=1.632.0&if=&sl=0&si=v82mfcyub0m-r16qfl&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=634755
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.229 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ea9d44babfa4a2cd0031f081fd9381751bee0f7d044ae9254d2b1ce71fa32605

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 18 Oct 2021 18:09:22 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
/
adservice.google.com/ddm/fls/i/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib... Frame DC1F 		523 B
890 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/activityi;dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
390a744dab893732a8b20e0ca861ad988841c0ed359590dc26fe37c27d93e666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8234312.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8234312.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 18 Oct 2021 18:09:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
401
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dc_pre=CKKO0Y3H1PMCFcbHUQodNV0P-w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999
adservice.google.com/ddm/fls/z/ Frame E563 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKKO0Y3H1PMCFcbHUQodNV0P-w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999
Requested by
Host: 8208269.fls.doubleclick.net
URL: https://8208269.fls.doubleclick.net/activityi;dc_pre=CKKO0Y3H1PMCFcbHUQodNV0P-w;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8208269.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DC2TJEE08T&gtm=2oead0&_p=944115075&sr=1600x1200&ul=en-us&cid=333263264.1634580562&_s=1&dl=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&dt=No%20link%20between%20COVID-19%20vaccine%20and%204%20Utahns%20who%20died%20after%20shots%2C%20medical%20examiner%20says&sid=1634580561&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DC2TJEE08T&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_pla
obs.cheqzone.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=14015512056577591105982857986695642182350915276307002075892823989109&nc=0&tsf=0&tsfmi=&pv=0&cb=1634580562218&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=220482090&at=&bid=e30%3D&di=W1siZWYiLDMyODBdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6OCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjExMTM2%0D%0AMTUxMixcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkg%0D%0Ae1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAg%0D%0AICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAg%0D%0AICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAg%0D%0AICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxl%0D%0AOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9%0D%0AKVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9%0D%0AXSJdLFstMSwiLSJdLFstMiwiMTQsZVlYVlgxUHJ4Mk8rZTJhWm5NcEJkSUFSS0tWRUVRSWdLQ2RK%0D%0AWGVCQkVRUklxaUlDMThxRFJGa041Q0M0clNmaUpTcEFvSVJPbVFRaEpTU005TVpqSnp5eWw3NzdX%0D%0AL1o1MTd6OCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcInRpdGxlXCIsXCJrZXl3b3Jkc1wiLFwibmV3c19rZXl3%0D%0Ab3Jkc1wiLFwiZGVzY3JpcHRpb25cIixcImFwcGxlLW1vYmlsZS13ZWItYXBwLXRpdGxlXCIsXCJv%0D%0AZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6%0D%0AZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4w%0D%0AMDY1Nzg5NDczNjg0MjEwNTJ9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwi%0D%0AWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2%0D%0AMDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwi%0D%0AMzMzMjYzMjY0LjE2MzQ1ODA1NjIiXSxbLTIxLCJ0SjZJMjhIZiJdLFstMjIsIltcIm5cIixcIm5c%0D%0AIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjEwMDAw%0D%0AMDAwLFwidWpoc1wiOjEwMDAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOSww%0D%0ALFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAs%0D%0AMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJm%0D%0AYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjM0NTgwNTYyMTIx%0D%0ALDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4%0D%0ALCJpLC0xLC0xLDAsMCwxLDAsMzYsMjEsMTIxMywzOTksMCwxNDk2LjMsMTQ5Ni4zLDI3ODgsMjc4%0D%0AOSJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxs%0D%0AYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwzXSJdLFstNDAsIjMzIl0sWy00MSwiLSJd%0D%0ALFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFst%0D%0ANDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc4LDAsMCwwLDU2MSwwLDAsNjQ4LDAsMCwwLDAsMCww%0D%0ALDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV0%0D%0AYy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbImJu%0D%0AY2giLDE2MV1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A175%2C%22y%22%3A4856%2C%22w%22%3A1250%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=13pUMGDrtY&sdd=%7B%7D&pto=2887
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.172.245.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-245-152.compute-1.amazonaws.com
Software
/
Resource Hash
14825156cb2d46e54c6161adf4e938f48ed6b5d9a6fa854c1e96eaf62453a007

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1428
expires
Fri, 01 Jan 1990 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1634580562251&sessionId=b7eb45ce-54b0-e5f6-84eb-76cc2655f39e&url=www.sltrib.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:22 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
2a2bb63263d916d1700bc88248f684e2
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=sltrib.com&idx=0&rand=56429&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=b7eb45ce-54b0-e5f6-84eb-76cc2655f39e&fdu=www.sltrib.com&px=175&py=4856&vpd=3656&cw=1250&settings=true&recs=true&version=2000476&sig=tJ6I28Hf&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
254518bd5dc2799922fb088e962aac84de84a6594cb842e15815c5c476d69c2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.117.54
x-cache-hits
0, 0
x-traceid
546e11121cdf96e25b04da01f4c39136
content-encoding
gzip
content-length
16856
x-served-by
cache-lga21954-LGA, cache-hhn4067-HHN
x-timer
S1634580562.397739,VS0,VE263
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
publishertag.js
static.criteo.net/js/ld/ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:34:27 GMT
server
nginx
etag
W/"615af4d3-1dd0f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Oct 2021 18:09:22 GMT
identity
api.rlcdn.com/api/ 		44 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ 		109 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186212
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
7b7d44fa8c242c4c3f19fa899c79708f33acb8edd661867c415043a0d2f9c668

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 17 Nov 2021 18:09:22 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.sltrib.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
kv5mlm6UT_2EdIBblss4jr2oGjroi0MK-vRKt9wpHAOvC6xbMXYjvA==
config
c.amazon-adsystem.com/cdn/prod/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:21 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.sltrib.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
oDuc1Lwb-3Nfcr9_HOv2cTsua-JmpImpecsyOiJIPApXTe_1p8ZhFw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
76722
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Sun, 17 Oct 2021 20:50:41 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
93KnJmaZaWn-5Wk16wmPicV_qO148GaNcH3rrjuKEn5cj9trcpB2Uw==
3047781918617987
connect.facebook.net/signals/config/ 		490 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3047781918617987?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
3f5b5d768def348ece2afaa8c1493ab88b65ad0c535dc502caf85b3ea22ebdd3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
axFMbmGSdVqmXuwVsTxybDb+e96OfCH1SaNMGgaaFw5Z8hlLKGHz+ktaN41XXjMNBCYGDL7cmGjEoglAZGV/LA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 18 Oct 2021 18:09:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		412 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=vxCIN3E3cT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a2b818617447dfa6f85d6437bb7736d48b5acb114a1f01b1afa8a4a201e770
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1422
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn
prod-dash-10-0-130-103
last-modified
Wed, 13 Oct 2021 16:05:42 GMT
server
cloudflare
etag
W/"421868-1634141142000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.000
cache-control
public, max-age=3600
cf-ray
6a03b7a339bc2784-PRG
expires
Mon, 18 Oct 2021 19:09:22 GMT
/
8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www... Frame 374D
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www...
  • https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=htt...
845 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8234312.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7KqrIddXn_Ec6fBMGn-wxIDGZOvNeOJg-DGtggA0BZjN-y2dXGFuUly5seB8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 18 Oct 2021 18:09:22 GMT
expires
Mon, 18 Oct 2021 18:09:22 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
506
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 18 Oct 2021 18:09:22 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
demconf.jpg
dpm.demdex.net/ Frame E887
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.156.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-156-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-0c18f40d5.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
k7xrgoTsRsE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v019-026df6ecb.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
1CtUbAM2Sec=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
check
pixel.tapad.com/idsync/ex/receive/ Frame E887
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
date
Mon, 18 Oct 2021 18:09:22 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
loadm.exelator.com/load/ Frame E887 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
um
sync.teads.tv/ Frame E887 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=73&uid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 18 Oct 2021 18:09:22 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/ Frame E887
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
49 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.15.111
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
cache-control
no-cache
x-server
10.45.10.232
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame AC85
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.156.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-156-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-02cd5e33a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
MIdqEvU2RQ8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v019-0abf208d3.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Ymkv7FO6Q30=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
check
pixel.tapad.com/idsync/ex/receive/ Frame AC85
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
95 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
date
Mon, 18 Oct 2021 18:09:22 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
loadm.exelator.com/load/ Frame AC85 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Requested by
Host: pixel.sitescout.com
URL: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
um
sync.teads.tv/ Frame AC85 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=73&uid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Requested by
Host: pixel.sitescout.com
URL: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 18 Oct 2021 18:09:22 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/ Frame AC85
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.76
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
cache-control
no-cache
x-server
10.45.11.97
content-length
0
expires
0
pushly-sdk.min.css
cdn.p-n.io/ 		26 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.css?domain_key=8TvuqyAv5q0L7mPKRbEHz1EQbjDrAwgM2XRu
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=8TvuqyAv5q0L7mPKRbEHz1EQbjDrAwgM2XRu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-46.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 18:33:30 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 15:59:32 GMT
server
AmazonS3
age
84953
etag
W/"f78fe2b0b79df0619d393cfc42450ddf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ULoQuPuCWqDzxLK2X6TQbk88Rkw2yR6U_-DkChBUKMdjxrWQ8dByzQ==
cx.cce.js
cdn.cxense.com/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
84.53.164.84 , Ascension Island, ASN34164 (AKAMAI-LON, NL),
Reverse DNS
a84-53-164-84.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 18:09:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 14:49:19 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5864
Expires
Mon, 18 Oct 2021 19:09:22 GMT
execute
c2.piano.io/xbuilder/experience/ 		30 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=vxCIN3E3cT
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
878e8e6309ebfffdc45757f554e65186dd2eac308d488bff93b7b39a7a0d881e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
o9kdmkbq5s
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
6a03b7a7fcd44126-PRG
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=vxCIN3E3cT
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5c5dd87b58e18d27d3ff620493679afd90e79dc698222a821587ea901538ee2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
Cmfq61rXuTG
pragma
wn
prod-dash-10-0-130-103
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.005
cache-control
public, max-age=1200
cf-ray
6a03b7a49c672784-PRG
expires
Mon, 18 Oct 2021 18:29:22 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3047781918617987&ev=PageView&dl=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&rl=&if=false&ts=1634580562583&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634580562581.1216078600&it=1634580562305&coo=false&exp=p0&rqm=GET
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 18 Oct 2021 18:09:22 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 03A5
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
57045f1a345b6fe852aa6615b61fc5920a9bd315adfec366d678d8f1cfb53588

Request headers

:method
GET
:authority
pixel.sitescout.com
:scheme
https
:path
/dmp/asyncPixelSync
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8234312.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
ssi=57fd39f8-a0fa-4b09-87ab-776bd2526cb0#1634580562312; _ssuma=eyIzNCI6MTYzNDU4MDU2MjMzNywiMiI6MTYzNDU4MDU2MjMzNywiNCI6MTYzNDU4MDU2MjMzNywiMzkiOjE2MzQ1ODA1NjIzMzcsIjciOjE2MzQ1ODA1NjIzMzd9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
set-cookie
ssi=57fd39f8-a0fa-4b09-87ab-776bd2526cb0#1634580562312; Domain=.sitescout.com; Expires=Tue, 18-Oct-2022 18:09:22 GMT; Path=/; Secure; SameSite=None _ssuma=eyIzNCI6MTYzNDU4MDU2MjMzNywiNDUiOjE2MzQ1ODA1NjI3NDksIjIiOjE2MzQ1ODA1NjIzMzcsIjMiOjE2MzQ1ODA1NjI3NDksIjQiOjE2MzQ1ODA1NjIzMzcsIjM5IjoxNjM0NTgwNTYyMzM3LCIyOCI6MTYzNDU4MDU2Mjc0OSwiNyI6MTYzNDU4MDU2MjMzNywiMjkiOjE2MzQ1ODA1NjI3NDksIjgiOjE2MzQ1ODA1NjI3NDl9; Domain=.sitescout.com; Expires=Wed, 17-Nov-2021 18:09:22 GMT; Path=/; Secure; SameSite=None
content-type
text/html;charset=UTF-8
content-length
1177
date
Mon, 18 Oct 2021 18:09:22 GMT
server
AC1.1

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
9f30138796dc7a6a
pixel.sitescout.com/iap/ Frame 374D
Redirect Chain
  • https://pixel-a.basis.net/iap/9f30138796dc7a6a
  • https://pixel.sitescout.com/iap/9f30138796dc7a6a
0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/9f30138796dc7a6a
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8234312.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/iap/9f30138796dc7a6a
content-length
0
cx.js
cdn.cxense.com/ 		116 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
84.53.164.84 , Ascension Island, ASN34164 (AKAMAI-LON, NL),
Reverse DNS
a84-53-164-84.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 18:09:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 12:43:03 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27751
Expires
Mon, 18 Oct 2021 19:09:22 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1634580562612&sessionId=b7eb45ce-54b0-e5f6-84eb-76cc2655f39e&url=www.sltrib.com&cheqSource=1&cheqEvent=2&responseTime=1066
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:22 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
d9060a062e6f274b1b6157ef6dfc5101
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/ 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001369eac23dea428c9f9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163342775a98d5037af473abf8d7ea5f53af0ccce27bb9768f3580428f175df1675ca548171b29d5493ebeb8e5aa33b03aae16a277e34f716db9dc271e62245f816e99d51ff41d2589d3f17e181d7784fd776494855f193447771713dcf6481d011bb4a61022d9bb827bc3bb046b0d5ff3e4fac9cd68b7dec05af552995f397ccbeb8ad6a762c19ebb74923009cffacf3e0404b5342eba9a0663e88efa738c55fd14bbd74ec61d9d9e7cc2693c969c728d3690d5bdf7dae7ea0b36e46af3e2ae3b5b26efd662c3bc10e6404f53d30b588286d09ac0aadf67c87185c4b2dc2fbe267d32c4366b83849f0e7f90fd66be4df69d5b867caf3143465b813ab818cd8afe2de8d475954daadc8e966b83164a66f1575b53795f6bc0ab6ffb44d9d88c22e8de2bbd962b9adabab03d9fb7e44e6b72c8b10d0a9ba7071a5acdbfac65a63c86e95fe6fc2db774bc329450c809d1a83ddb0721e4aa8e7b3c39601f370d5c15c7fd9e3fc008a5313b5135eae65dd599041ebbe9cdb0b870d0aeb1bec0aded82140a62bf1ed8e14b64c701204ecb711e317efc7be2&cb=1634580562612&cri=13pUMGDrtY
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.172.245.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-245-152.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:22 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
last-modified
Wed, 29 Sep 2021 12:08:44 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1632925436.604073"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Wed, 17 Nov 2021 18:09:22 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
last-modified
Wed, 29 Sep 2021 12:08:44 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1632925421.842018"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Wed, 17 Nov 2021 18:09:22 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=3a9424c722ebffaa5bfafc53dc25d4d1_43051_1634580562593&tm=1290&eT=0&widgetWidth=1250&widgetHeight=810&widgetX=175&widgetY=4848&wRV=2000476&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=362&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 18 Oct 2021 18:09:23 GMT
content-encoding
gzip
X-TraceId
f24e5b4f6576414fe4d5d623068f4c2f
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
streamFeed.js
widgets.outbrain.com/nanoWidget/2000476/module/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000476/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
27b09941b35ac66529f0911975b1b47b9ef34ae76193f5228c5f20d113665c74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:22 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 12:36:07 GMT
server
AkamaiNetStorage
etag
"585a1a6f540076b0f8ad940a34477d0d:1634563726.093117"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
18521
get
mv.outbrain.com/Multivac/api/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=sltrib.com&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=2000476&apv=true&sig=tJ6I28Hf&format=html&rand=65308&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=M2E5NDI0YzcyMmViZmZhYTViZmFmYzUzZGMyNWQ0ZDE=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11112-0&layeredTestInfo=11112-0-&clss=BPVFHbCNRmq88BhDq%2BU4o1sq9WF3nTvRKuWzvzO1c5ZH5l4ZD%2FdikhZ6b0%2BOlvBXO2A6mRzIewQ%2Fvum7&pcer=p%3DJx9okoFWrOUH2-vtoS4nTM37DsBNmiKMYg0Tr5FRiAk%26c%3Dbe07df2a%26v%3D3&dpr=1&cw=1250
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000476/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b09c35105f9c5d7a07edf2c33c64d7da9397bfc1e645cc5552410b4397d267c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.117.56
x-cache-hits
0, 0
x-traceid
7499bf40a0d510da28c1710feba86a46
content-encoding
gzip
content-length
12597
x-served-by
cache-lga21956-LGA, cache-hhn4067-HHN
x-timer
S1634580563.210827,VS0,VE544
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame F886 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2846
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.sltrib.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://www.sltrib.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Mon, 18 Oct 2021 18:09:23 GMT
384136.gif
idsync.rlcdn.com/ Frame 03A5 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/384136.gif?partner_uid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
via
1.1 google
alt-svc
clear
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 03A5 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=sscout&partner_uid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.234.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-234-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1634580563
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
17724
tags.bluekai.com/site/ Frame 03A5 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/17724?id=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 18:09:23 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
partner
sync.search.spotxchange.com/ Frame 03A5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&__user_check__=1&sync_id=85d20e86-303e-11ec-85d9-17d925990306
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7308&uid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&__user_check__=1&sync_id=85d20e86-303e-11ec-85d9-17d925990306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 18:09:23 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
120
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 18 Oct 2021 18:09:23 GMT
Server
nginx
Location
/partner?adv_id=7308&uid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&__user_check__=1&sync_id=85d20e86-303e-11ec-85d9-17d925990306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
4
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 03A5 		42 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CK3zz43H1PMCFbT41QodoPMO3g;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7335547324542.999;~oref=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:375
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&pid=R90WM6CzvPG1m&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fleaderboard1%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
Z1MDEYEAV7HX568MR659
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
3HygI-mz3SOKbosND1IFXH2MCFU_HlBvEwihEnm2NcAbOiZHsToLog==
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2379568312541641&correlator=1500761738554833&output=ldjh&impl=fif&eid=31062526&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211018&iu_parts=89799359%2Cnew_sltrib.com%2CNews_Section&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=SLT-NEW-POS%3Dmob_cube1%2Cleaderboard1%2Cleaderboard1%26div%3Dsltrib-promo-1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634580560&dt=1634580563267&dlt=1634580560505&idt=1094&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=16&adks=994546634&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90&msz=728x-1&ga_vid=333263264.1634580562&ga_sid=1634580563&ga_hid=944115075&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
03f9ef25e56a3df087815ca83500dba2eba39bfbc38fe6caa9be3d7adbb01e05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7808
x-xss-protection
0
google-lineitem-id
5776511036
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361539046
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a74de3f5d59e5a5da1f465ef915dc544.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C90 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a74de3f5d59e5a5da1f465ef915dc544.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
a74de3f5d59e5a5da1f465ef915dc544.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 18:09:23 GMT
expires
Tue, 18 Oct 2022 18:09:23 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&pid=R90WM6CzvPG1m&cb=1&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fbb1%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
MHQ47MWJ1DTJ1SDPTRXY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
u9ZDdW-urQryyLKidaO-988FlO5HghFOPEi5wSOJ_OW2t8FRPt2Jkw==
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2379568312541641&correlator=1500761738554833&output=ldjh&impl=fif&eid=31062526&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211018&iu_parts=89799359%2Cnew_sltrib.com%2CNews_Section&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=SLT-NEW-POS%3Dmob_cube2%2Cleaderboard2%2Cbb1%26div%3Dsltrib-promo-2&cookie_enabled=1&bc=31&abxe=1&lmt=1634580560&dt=1634580563288&dlt=1634580560505&idt=1094&frm=20&biw=1600&bih=1200&oid=2&adxs=141&adys=1607&adks=629866242&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=920x90&msz=728x-1&ga_vid=333263264.1634580562&ga_sid=1634580563&ga_hid=944115075&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ec21994398e4e7f1d779c851963ad73aace7e2448711c582370fa5450bd49804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7810
x-xss-protection
0
google-lineitem-id
5776511036
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361539049
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&pid=R90WM6CzvPG1m&cb=2&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fbb2%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
4MG0NFBS42VSQ3VWT60T
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
WhrDXJFCbJBOFmllDMJgOhxkDScbjvxsBUC5vSfRXbPWngEfzxTaLA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&pid=R90WM6CzvPG1m&cb=3&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fbb3%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
RNKMC35FSDX3AMAZX8V1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
3WNQu9cOZWhjIRSm39MQE9bjqDYf_fm1o361IlKeaDV0xN4woS6NvA==
cygnus
htlb.casalemedia.com/ 		78 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=229483&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2272314908%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2225%22%2C%22siteID%22%3A%22348004%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22567680f8-24d9-476e-98f8-bd7261493f13%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-10-18T18%3A09%3A22%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b4b25207a7c891ee8e5576435f4c4660a1afd792ee6edd0089e4a1fe815021c0

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:24 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.19], XFF:[]
server
Apache
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
78
x-ak-client-geo
12
expires
Mon, 18 Oct 2021 18:09:24 GMT
ortb
bid.contextweb.com/header/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
server
envoy
cwdl
22/148
access-control-allow-origin
https://www.sltrib.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
cw-server
bid-deployment-74f9689848-qn5g6
arj
sltrib-d.openx.net/w/1.0/
Redirect Chain
  • https://sltrib-d.openx.net/w/1.0/arj?auid=540769365&aus=728x90&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200...
  • https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769365&aus=728x90&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600...
232 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769365&aus=728x90&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._mm0LQisj&cache=1634580563314&ttduuid=567680f8-24d9-476e-98f8-bd7261493f13
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
970b79c6fa17946229d243313cadf52d3eaa768140686c42a772a2c7053bc459

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:23 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
218
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 18 Oct 2021 18:09:23 GMT
via
1.1 google
server
OXGW/16.217.0
location
https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769365&aus=728x90&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._mm0LQisj&cache=1634580563314&ttduuid=567680f8-24d9-476e-98f8-bd7261493f13
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=114&profileId=154&cb=31263363192
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Mon, 18 Oct 2021 18:09:22 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21318&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&p_screen_res=1600x1200&site_id=277252&zone_id=1385312&kw=rp.fastlane&tk_flint=index&rand=0.5843166410768652
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
278ae4242b520e91bbda263623483bdb1e2e0ad89e9335b09fe65315e0eed096

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:23 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8831f6ee65c0f911f10c3de69a9cf594f4bc582211a5c954f1d097d84681ec4c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:23 GMT
X-Proxy-Origin
216.131.114.19; 216.131.114.19; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e42d968e-6c57-4da7-a128-3e5e0673354c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&pid=R90WM6CzvPG1m&cb=4&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fbb4%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
S4TBMCEZ5ZKREV8R7R6W
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
J7X9rTWOQ5--bPFaYZPTzsA1K73O2OarAEuk_aPn77tHQdui6ROzCg==
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=114&profileId=154&cb=69739016047
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Mon, 18 Oct 2021 18:09:22 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
ortb
bid.contextweb.com/header/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
server
envoy
cwdl
22/148
access-control-allow-origin
https://www.sltrib.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
cw-server
bid-deployment-74f9689848-j82lq
cygnus
htlb.casalemedia.com/ 		78 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=229483&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2252637882%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%229%22%2C%22siteID%22%3A%22347969%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22567680f8-24d9-476e-98f8-bd7261493f13%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-10-18T18%3A09%3A22%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
10a1385c35cf59ee4e62360451c6eca35309ee84fa0209718eb59b1dcf9e3256

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:24 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.19], XFF:[]
server
Apache
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
78
x-ak-client-geo
12
expires
Mon, 18 Oct 2021 18:09:24 GMT
arj
sltrib-d.openx.net/w/1.0/
Redirect Chain
  • https://sltrib-d.openx.net/w/1.0/arj?auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x120...
  • https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=160...
232 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._Ka8OUfzf&cache=1634580563339&ttduuid=567680f8-24d9-476e-98f8-bd7261493f13
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
829756054147c6e161c7573ff9d90a0accbcb52b0e81a6fb11d70005fbd67b52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:23 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
218
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 18 Oct 2021 18:09:23 GMT
via
1.1 google
server
OXGW/16.217.0
location
https://sltrib-d.openx.net/w/1.0/arj?cc=1&auid=540769383&aus=300x600&ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._Ka8OUfzf&cache=1634580563339&ttduuid=567680f8-24d9-476e-98f8-bd7261493f13
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21318&size_id=10&rp_floor=0.01&rf=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&p_screen_res=1600x1200&site_id=277252&zone_id=1385348&kw=rp.fastlane&tk_flint=index&rand=0.7990465023854147
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
30a3a4971dbadd937cf483b7e077419db003a4996f293fe03d3b09cd68439612

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:23 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&pid=R90WM6CzvPG1m&cb=5&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fmonster1%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
G3WGYX1WWCP2AR17MG0C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
1FA_TWYVY82YOgpj3YEGbaj8LpZcLyV7N-nfkM9qlo2dL-h6K543_g==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&pid=R90WM6CzvPG1m&cb=6&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%221140x90%22%5D%2C%22sn%22%3A%22%2F89799359%2Fnew_sltrib.com%2FNews_Section%2Fdesktop_banner_fixed%22%7D%5D&pubid=debf9330-3806-4aee-a4d7-19e9cece1a09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:23 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
X3AWWW46MN47P1MG7DP9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
Y2156VJEsAF2izdH2z_jcm4eXBvfophHSo3KBtqFQPqcZus4R3vkBA==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=944115075&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&ul=en-us&de=UTF-8&dt=No%20link%20between%20COVID-19%20vaccine%20and%204%20Utahns%20who%20died%20after%20shots%2C%20medical%20examiner%20says&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAAEABAAAAAC~&jid=5713457&gjid=432769601&cid=333263264.1634580562&tid=UA-26935592-1&_gid=1780526720.1634580562&_r=1&_slc=1&cd2=Sean%20P.%20Means&cd3=Health&cd4=2021-03-10T04%3A39%3A01.050Z&cd5=ONAOREB5FFGH3MAXCQK3JMXMFI&cd6=No%20link%20between%20COVID-19%20vaccine%20and%204%20Utahns%20who%20died%20after%20shots%2C%20medical%20examiner%20says&cd8=&cd9=coronavirus&cd7=anon&z=1813201469
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		63 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2379568312541641&correlator=1500761738554833&output=ldjh&impl=fif&eid=31062526&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211018&iu_parts=89799359%2Cnew_sltrib.com%2CNews_Section&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1140x90&prev_scp=SLT-NEW-POS%3Dmob_banner_fixed%2Cdesktop_banner_fixed%2Cdesktop_banner_fixed%26div%3Dsltrib-promo-99&cookie_enabled=1&bc=31&abxe=1&lmt=1634580560&dt=1634580563427&dlt=1634580560505&idt=1094&frm=20&biw=1600&bih=1200&oid=2&adxs=230&adys=1110&adks=492083525&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1140x-1&ga_vid=333263264.1634580562&ga_sid=1634580563&ga_hid=944115075&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
3259adf52da1290a7b0488bcbc24da28be75172ac3a62524913509f0576e0baa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16128
x-xss-protection
0
google-lineitem-id
5801438314
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138365795189
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2379568312541641&correlator=1500761738554833&output=ldjh&impl=fif&eid=31062526&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211018&iu_parts=89799359%2Cnew_sltrib.com%2CNews_Section&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=SLT-NEW-POS%3Dmob_cube4%2Cleaderboard4%2Cbb3%26div%3Dsltrib-promo-4&cookie_enabled=1&bc=31&abxe=1&lmt=1634580560&dt=1634580563432&dlt=1634580560505&idt=1094&frm=20&biw=1600&bih=1200&oid=2&adxs=141&adys=2853&adks=1514335034&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=920x90&msz=728x-1&ga_vid=333263264.1634580562&ga_sid=1634580563&ga_hid=944115075&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8651e9ef2609c47d0363798e22654f41f07fb5c81fc73e6ecaf4027f3faaf9b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7802
x-xss-protection
0
google-lineitem-id
5776511036
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361238499
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2379568312541641&correlator=1500761738554833&output=ldjh&impl=fif&eid=31062526&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211018&iu_parts=89799359%2Cnew_sltrib.com%2CNews_Section&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=SLT-NEW-POS%3Dmob_cube3%2Cleaderboard3%2Cbb2%26div%3Dsltrib-promo-3&cookie_enabled=1&bc=31&abxe=1&lmt=1634580560&dt=1634580563437&dlt=1634580560505&idt=1094&frm=20&biw=1600&bih=1200&oid=2&adxs=141&adys=2364&adks=1391537391&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=920x90&msz=728x-1&ga_vid=333263264.1634580562&ga_sid=1634580563&ga_hid=944115075&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
bcce076b102ced000f864c0446c19f3998f4331b6dc9d4fbddb771c437514430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7803
x-xss-protection
0
google-lineitem-id
5776511036
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361538998
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Mon, 18 Oct 2021 18:09:22 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Mon, 18 Oct 2021 18:09:23 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
sp1.html
cdn.cxense.com/ Frame BE8C 		1 KB
880 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
84.53.164.84 , Ascension Island, ASN34164 (AKAMAI-LON, NL),
Reverse DNS
a84-53-164-84.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c92cab84b44ac37925a00450873a018ac601883a2d6e7a760ea38fdde7671004

Request headers

Host
cdn.cxense.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

Accept-Ranges
bytes
Last-Modified
Fri, 30 Jul 2021 08:31:32 GMT
Server
AkamaiNetStorage
Content-Length
510
Cache-Control
max-age=864000
Expires
Thu, 28 Oct 2021 18:09:23 GMT
Date
Mon, 18 Oct 2021 18:09:23 GMT
Connection
keep-alive
Content-Type
text/html
Content-Encoding
gzip
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
collect
stats.g.doubleclick.net/j/ 		4 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-26935592-1&cid=333263264.1634580562&jid=5713457&gjid=432769601&_gid=1780526720.1634580562&_u=aHBAAEAAAAAAAC~&z=1699217145
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 18 Oct 2021 18:09:23 GMT
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
eu-u.openx.net/w/1.0/ Frame B7BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
cookie
i=b0e46b29-059b-0233-179e-22d20232d784|1634580563
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=b0e46b29-059b-0233-179e-22d20232d784|1634580563; Version=1; Expires=Tue, 18-Oct-2022 18:09:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634580563|mOgeginskin0vNomiygu; Version=1; Expires=Tue, 02-Nov-2021 18:09:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 18 Oct 2021 18:09:23 GMT
content-type
text/html
content-length
542
content-encoding
gzip
via
1.1 google
alt-svc
clear
cx.js
cdn.cxense.com/ Frame BE8C 		116 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
84.53.164.84 , Ascension Island, ASN34164 (AKAMAI-LON, NL),
Reverse DNS
a84-53-164-84.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 18:09:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 12:43:03 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27751
Expires
Mon, 18 Oct 2021 19:09:23 GMT
pd
eu-u.openx.net/w/1.0/ Frame 66EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=fedef738-35bb-43fe-83e2-a938df37c740&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
cookie
i=b0e46b29-059b-0233-179e-22d20232d784|1634580563
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=b0e46b29-059b-0233-179e-22d20232d784|1634580563; Version=1; Expires=Tue, 18-Oct-2022 18:09:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634580563|mOgeginskin0vNomiygu; Version=1; Expires=Tue, 02-Nov-2021 18:09:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 18 Oct 2021 18:09:23 GMT
content-type
text/html
content-length
542
content-encoding
gzip
via
1.1 google
alt-svc
clear
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-26935592-1&cid=333263264.1634580562&jid=5713457&_u=aHBAAEAAAAAAAC~&z=1275849312
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-26935592-1&cid=333263264.1634580562&jid=5713457&_u=aHBAAEAAAAAAAC~&z=1275849312
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p1.js
p1cluster.cxense.com/ Frame BE8C 		0
0
8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
d3plfjw9uod7ab.cloudfront.net/ad/ 		105 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.151 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-151.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
349854751e21b3fa52ac4ca50594acaecd57686cb4d3bd4aa14b1f5f2d6c5833

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 18 Oct 2021 18:08:42 GMT
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
server
Cowboy
age
98
etag
0538BE43809B7310980944F75F0ED3DCD74C505E
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
content-length
107457
x-amz-cf-id
nx9bwa0c9omxWUFEtxiMSXavBL4D30lnoX_z74SDlFI3nWqCwjRvYQ==
x-request-id
Fq5AWNj-19-7xEMBfZgh
index.js
cdn1.opstag.com/14129/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-66.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a7f31c31e9f9d90fad4687f4f9739466951d0248b305f5ecf262978748b6d17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:25 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 12:14:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"cfdf3e1bb2ef20990335be71f6e9728d"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4938
x-amz-cf-id
gI0GLFXsO154iqUTtI_HRNnMUkagwctKx-l-37lCOjo6Ut-aRtab7A==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 18 Oct 2021 18:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Oct 2021 18:09:25 GMT
player.css
cds.connatix.com/p/133566/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/133566/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4fbff6ff8867967f8d2558d1aea035ce50147119b8f295f6f46f038fba79bdb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:24 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 16:56:24 GMT
age
4151
etag
"571910b98cd94a1811ec401554c3667a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8254
connatix.playspace.css
cds.connatix.com/p/133566/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/133566/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5268ac15e7bd3c204ac9475d6a17721a3e3a63b024f1a4fa163efaaa993b7453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:24 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 16:56:24 GMT
age
4151
etag
"3d2d8f43a7d12106855b4531546d8678"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13314
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000476/module/ 		550 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000476/module/singleAnimationOnFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
403cea8095f7c63dbad7fa344ee0077ff3ab8af037ea6c8ff9bebff740662015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:24 GMT
last-modified
Mon, 18 Oct 2021 12:36:07 GMT
server
AkamaiNetStorage
etag
"bf1dc0a082dfc25e069328057fe013c4:1634563721.837991"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
550
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=0785ede761dadbb4df9a0107b95dea96_43051_1634580563487&tm=2982&eT=0&wRV=2000476&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1231&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 18 Oct 2021 18:09:24 GMT
content-encoding
gzip
X-TraceId
54da62efc367258ee1cb8733ac3a45bd
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=9ea8a6969e13c669689e8510345114b6_43051_1634580563693&tm=2984&eT=0&wRV=2000476&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1231&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 18 Oct 2021 18:09:24 GMT
content-encoding
gzip
X-TraceId
52cd981a920816615839636dab648f89
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
headerstats
as-sec.casalemedia.com/ 		0
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=229483&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:24 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.19], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.sltrib.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Mon, 18 Oct 2021 18:09:24 GMT
8d82a4d3-a206-4e49-9c15-68d5c36aa42e
api.devconops.com/api/v2/ad/impression/ 		0
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.devconops.com/api/v2/ad/impression/8d82a4d3-a206-4e49-9c15-68d5c36aa42e?rand=123668&referer=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.53.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYy%2Bs5ngE3TSTfZdq7Wn3hFzoQS263yynU59D8Rukm2TjWf1ZhPyGNm8nLp2xPeF2Xin%2Bxa%2B8cI3N5L3C%2BsFd4LklE8z4Zw7054Az3bzu%2B6Bi0yNlOHcsdFiDbcig29yn5mAMA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6a03b7b13bf74a7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-request-id
Fq8yXQPeF4_frz4Dtjjy
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtnc50E6n-AcKoMRLsTEHgJTiyHyXNLaGBrlt-LPKbM7aRb96nJFFEkrRzw9aEI4-IXN8t3Tz9prl0xac1tdhIyKUvXngv9eee32pClRpxV42HTdHMDaMm3VjVGadVpFy0XZ-xFXDFGnIqEdC8wVc6Cyl8FUY9WcwaZzEjhGITG9xWWEejU4VM-2hBeobnnf7zcoWye2gvx0c72QxSfcy5v7KptLbr6x0SjBpDBEsJowGu42WKElYhMatPfJGTp0Cn5ZtnkyzR3xI0NVdAfE0VV6jVl3_mPXn55Ns-OgDST8G0Lym5Hy6nVcggDabd45whquSR0G6w2ak&sig=Cg0ArKJSzJjgYehaOuL2EAE&urlfix=1&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
24dd11aa-a3c6-4210-8f26-770e961927df
https://www.sltrib.com/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/24dd11aa-a3c6-4210-8f26-770e961927df
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
834077817a074e33624a962a4eb7dadc0a04f89d15252fc0e5ae47aec40e3597

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
1551
Content-Type
application/javascript
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sltrib.com&p=%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&u=DhWz8sC9eA2GCqeDAk&d=sltrib.com&g=65212&g0=Health&g1=Sean%20P.%20Means&n=1&f=00001&c=0.05&x=0&m=0&y=1200&o=1600&w=1200&j=30&R=1&W=0&I=0&E=2&e=2&r=&b=2240&t=B1XhKABKiyPUDC4LiOCVajNOVBWdb&V=128&tz=0&_hottopic=&_acct=anon&sn=2&sv=BdicpLCxCzyZDTNyz1CexHvV5gfiZ&sd=1&im=067b2ff3&_
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.215.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-215-174.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
headerstats
as-sec.casalemedia.com/ 		0
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=229483&u=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186212-190626348116582.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:24 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.19], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.sltrib.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Mon, 18 Oct 2021 18:09:24 GMT
prebid.js
cdn1.opstag.com/14129/ Frame BADC 		300 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-66.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
774308438b323dbb84cdeee6b50c8c3880bfae046ccd9610e70b07253806bd71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:26 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 12:14:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"95e9145be482c43b58af543d716222a9"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
95588
x-amz-cf-id
eKDJ3CNYTbl4JICrYpLTxmLpaNIAKgc3LsK2-AupQlEzRy1Mj1JEaw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame BADC 		166 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
64bff75a60c41b34a4deb9ce811a1e48a1b17bc3d3624715354764f6ae57cb63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:24 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:51:44 GMT
server
Apache/2.2.15 (CentOS)
etag
"1421bfb-2987a-5cd3bc6b497d9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=23175
accept-ranges
bytes
content-type
text/javascript
content-length
54629
expires
Tue, 19 Oct 2021 00:35:39 GMT
config.js
confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/ Frame BADC 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bc2e1938dce0909795a59f648a83c112375db0214bbb8e15b0cf22e46954974

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 18:09:24 GMT
Content-Encoding
gzip
Age
685
X-Cache
HIT
Connection
keep-alive
Content-Length
14468
x-amz-id-2
fMZuXrBmj5IIsLceULVx6YenopvQJZeoKWe7iLLlnauHTavcoIplYklw4bne3qAudUK1UFPveXg=
X-Served-By
cache-hhn4071-HHN
Last-Modified
Mon, 18 Oct 2021 17:49:25 GMT
Server
AmazonS3
X-Timer
S1634580565.859395,VS0,VE1
ETag
"5b1330e60323daa2fa7b566b0e98869b"
x-amz-request-id
TS08E7VPYZ4BH6BQ
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
placement.js
cdn1.opstag.com/14129/ Frame BADC 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14129/placement.js?cb=1634580564705
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-66.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0a021ee79d92e4df9b07e1df75036b876d352e703d0f19fd506918f866cade6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:26 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 12:14:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"5240c2f158cc809c1f0bdfad2e2d91ff"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
6631
x-amz-cf-id
lhZsoO-x-PQZzhelTV0BQptsAkiJ7DsIjdF2QrWyxDtEoAvtZLl_xw==
ad
pubads.g.doubleclick.net/gampad/
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/saltlaketribune/sltrib-14129-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5756270048&pre=1
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110181203/ Frame BADC 		181 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110181203/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a416fa981fbbbd500b1d664c7f1e67a1020b02f232aadbcef3fc11bcc46418

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 18:09:24 GMT
Content-Encoding
gzip
Age
743
X-Cache
HIT
Connection
keep-alive
Content-Length
59150
x-amz-id-2
j+OBJNqh5SWy69P35u7NKLWEX/zr70atWELuyj4YfdyhOgFnsr9SvHKg0PHkQd8aTaMW6TZ0Exk=
X-Served-By
cache-hhn4071-HHN
Last-Modified
Mon, 18 Oct 2021 16:04:42 GMT
Server
AmazonS3
X-Timer
S1634580565.883403,VS0,VE0
ETag
"5768f4c77fd72a8e96d06797b2c4cf65"
x-amz-request-id
5RMG1MM4N84NNNSA
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
3967
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sltrib.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.sltrib.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1695
date
Mon, 18 Oct 2021 18:09:24 GMT
content-encoding
gzip
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame BADC 		342 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sltrib.com%2F&domain=www.sltrib.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
72f101872bc0139113fd21484872afcab0504ab36998e0f564ef862924e572ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 18 Oct 2021 18:09:24 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2407
expires
0
gpt.js
www.googletagservices.com/tag/js/ Frame BADC 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
f54e27d486114ee3dc179d87cccb955f908477e5ad4cef408162e85222d157a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1018 / 470 of 1000 / last-modified: 1634555106"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27182
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 18:09:24 GMT
/
includemodal.com/service/send/test/ 		2 B
162 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://includemodal.com/service/send/test/
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.116.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-116-66.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 18 Oct 2021 18:09:25 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-headers
*
content-length
2
access-control-max-age
0
content-type
application/json
pubads_impl_2021101201.js
securepubads.g.doubleclick.net/gpt/ Frame BADC 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
124532
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 18:09:25 GMT
arj
os4m-d.openx.net/w/1.0/ Frame BADC 		174 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5cdf50d3-c3cc-4205-8d4d-9aefe234fa5a&nocache=1634580565199&pubcid=33c52bcc-db43-44d6-9286-a952f0c8df5c&schain=1.0%2C1!yieldlift.com%2C2000027%2C1%2C%2C%2C&aus=728x90&divids=div-gpt-ad-2371410517890-0&aucs=&auid=545647200
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
41a6565310336a11e135d7846d8b9bb1f23bb516dbf87752a745a3d4668205fb

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:25 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sltrib.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BADC 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=261912&zone_id=2131224&size_id=2&rp_schain=1.0,1!yieldlift.com,2000027,1,,,&eid_pubcid.org=33c52bcc-db43-44d6-9286-a952f0c8df5c%5E1&rf=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&tk_flint=pbjs_lite_v5.1.0&x_source.tid=5cdf50d3-c3cc-4205-8d4d-9aefe234fa5a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.418552343843118
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ce3688c50589d1d31479c5023563da96c78ed18f77c248f5a1fd83ae8d81c8fd

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:25 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame BADC 		23 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=700519&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225f2e1019f7923%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.1.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000027%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22679b91d5360573%22%2C%22ext%22%3A%7B%22siteID%22%3A%22700519%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9b7b775e82b7d6abe9672956d2108de585040e60065360d9924805c118ffcbec

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:25 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.19], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sltrib.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
43
x-ak-client-geo
12
expires
Mon, 18 Oct 2021 18:09:25 GMT
bid
ap.lijit.com/rtb/ Frame BADC 		24 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.1.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
0503c587810f3a4e701af519f771deccd09606325b6df1db642c805253f9148a

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 18 Oct 2021 18:09:25 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sltrib.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame BADC 		139 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
02f48fadcb87c438c60bcda7c1304e98994efb10d4aca458b0ec6a1e328b2093
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:25 GMT
X-Proxy-Origin
216.131.114.19; 216.131.114.19; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e861b844-33e2-44f2-ab0f-cb760b11fb5a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ Frame BADC 		15 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.sltrib.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
trinity.json
apex.go.sonobi.com/ Frame BADC 		95 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221471adbdf39a1a6%22%3A%224e59f9b672442ace0282%7C728x90%7Cgpid%3D%2F8570%2Fsaltlaketribune%2Fsltrib-14129-728x90-activefill-desktop%22%7D&ref=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&s=6c5135fa-2434-4ed9-8092-7068b84652e2&pv=e91d99e1-53c7-4bc1-aa59-fddc2c4c25e5&vp=mobile&lib_name=prebid&lib_v=5.1.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000027%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%2233c52bcc-db43-44d6-9286-a952f0c8df5c%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233c52bcc-db43-44d6-9286-a952f0c8df5c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
ace65488560265e1e0508f4ced6908764a19f68bb735eb03e22b64860e6fbd08
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:25 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.sltrib.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame BADC 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Mon, 18 Oct 2021 18:09:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
integrator.js
adservice.google.de/adsid/ Frame BADC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BADC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sltrib.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BADC 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2190293338351459&correlator=2282745943395355&output=ldjh&impl=fifs&eid=31063083%2C31063109%2C31063201&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211018&iu_parts=8570%2Csaltlaketribune%2Csltrib-14129-728x90-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=rfsh%3D1%26rfshtime%3D14&eri=1&cookie=ID%3D627fedf3fd65bc2a%3AT%3D1634580563%3AS%3DALNI_MYCACfLUnkOq2s80r3kyLNdmizS-Q&bc=31&abxe=1&lmt=1634580565&dt=1634580565404&dlt=1634580564698&idt=298&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=0&adys=0&adks=870849309&ucis=zeakodyjlsmu&ifi=1&ifk=2703198593&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&ref=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&top=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=333263264.1634580562&ga_sid=1634580565&ga_hid=1890472459&ga_fc=true&fws=260&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
96047bac4e4ec348f46f749f124b0f357ed9b72efeb1a64633a7d5137aba9d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11003
x-xss-protection
0
google-lineitem-id
5071160298
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296811092
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8571fced92ea4a4ae707e3d42ab4d201.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5A82 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8571fced92ea4a4ae707e3d42ab4d201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8571fced92ea4a4ae707e3d42ab4d201.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 18:09:25 GMT
expires
Tue, 18 Oct 2022 18:09:25 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		81 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=vxCIN3E3cT&tbc=%7Bjzx%7DnXcErWFN2iJHKnWRYyRH_7Lt0mjBoB5Siv9WxJpLSSSQl1V2eGNvE7xKrcVC1ugFGJeNcOqWPuHtxgyw2UR-brH_UjgHEVFaraX0IPKjoPU&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonpCallback&_=1634580562470
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.186.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7c02fc4c3011ce2dd5127991d66dcdd40bab846d43c96995aa4145af560158a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6a03b7b789ac4120-PRG
date
Mon, 18 Oct 2021 18:09:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-136-183
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
p3p
CP="NON DSP COR OUR IND"
server-time
0.005
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
Cqfq61rAXzs
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEQPziozUyMmwjz8liKp2TcfuFza2cGyYJVvx48EUww4ShNJVxxgGSBfGegN1lenS7EwinOde1gKUv8X6h9wSqp_ipbAQsf5h01z8SmNplsoEn4RHdHUJ4n_RCZ_IWtzFnDQA71e4pMBlRQJLIcXhvCHJ7-JFHUmhL5LmtBErf-fVR-LLRN0Y0YyXF9v6hVJJmetUFs8wIunuyAiupM8jchfkrxXI54mviGm24bPkqlZl4Nu2k1SNFtSJbuROUbQnCu41L3fpgrj6KzGC7XxHGnlOerMq7icS2CTrzoHYf0eK7uoWIi31iUMy9pdjNQv7OzvW2xBLpcgs2Rg&sig=Cg0ArKJSzLwpjbqiym-tEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 18 Oct 2021 18:09:25 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fed639c966edf7aaea1acef6464e9ae51c61b0e58b8119f7bdbca58a8326c760

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame BADC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupm6C20eDajXOuKJYwzWA1ng0tLr71-7ouIDY32UkCtTlBil8f6J8jIOjkKYcm7S8SJ4-BjJD_ng7Af2eE_iPVJpD1HCa_0pUvNj72NNyM3uBVNWL5KPsZnvwbdA9vzSIyBmNb5b1RY1JpkZcy-AfzgZK6Ae-4DsCP40lgJy6q8CYYuQFC92prQioBEFn-j_T439mdqHgQk4d7WYbcBo3ZmH9BfvrxWFQN7FS2g2DUilHGJkbLWskZg842EgL79xnG9OPz_Rchc2kxx89sH2XDHQJ2hKWZ8T9Ee_H65yPs_8NzEZfLdtkNLBVsNGld5zoim1iseIntU7Rrx16YV5tg1phetSB3ibfteUPHoQ&sig=Cg0ArKJSzJQZHPGIiknKEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame BADC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 18:06:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BADC 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Oct 2021 18:09:26 GMT
l
www.google.com/ads/measurement/ Frame BADC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4vyoSrEveTdssuFJgyPoqwmtHUZql_8wW3eDq1Tr5mSz2H7hyEtZ_WUDjQl5V4mgihFEW
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
3083443360271152484
tpc.googlesyndication.com/simgad/ Frame BADC 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3083443360271152484
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
e299ebc7e9d8ba28f03e84211b2cfb5d292eb455c0bc310522934894a8adc3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:41:26 GMT
x-content-type-options
nosniff
age
113280
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16907
x-xss-protection
0
last-modified
Thu, 05 Dec 2019 18:43:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Oct 2022 10:41:26 GMT
/
id.sltrib.com/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sltrib.com/?maxAge=2628000
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.183.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
strict-transport-security
max-age=86400; includeSubDomains
cf-ray
6a03b7bccc704114-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame BADC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAxwH2qCnly21DBiLuvZyMArmrN8QVIWZz_KABr6c4n7or5eezLkc7CEE2RGNbnD9KOJRblroyw920LK4B8qJUAbRrZgYzgs5jJwa_YcQGvrG05peAwRCHmg9KuPSFSaPHIcKfHRR86vC-KiBppqEt-mffJxFQysBZ5PeHik6sApj3GZ2ndO9_sogwobdVq8AP-Qg3RMf4x5Z4AwpKSsmnrKvrjiyXaaTGv24gctVo5XT8FIRh09r_PXZDXwZ_PdCt7hv0JEaJgqfgmBYqx6FZWw6XCLxT5_2UN2uVForfi9CADTYDbee_KVe3AziC2VGAszEytQ-0hXx8UT9JMhTaTzV8J7ek4_XX8clnC-kM&sig=Cg0ArKJSzK34FbqluKoLEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 18 Oct 2021 18:09:26 GMT
truncated
/ Frame BADC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45b66365014c7b8061074d0f774ed7343cc6ae290c0e3d73ddf2466db2a9a6b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame BADC 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
87dd6a6e76d5d5c73d442449c874c8e547151372048ad1fd292039e1b9276b4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8534
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
500
date
Mon, 18 Oct 2021 18:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 18 Oct 2021 20:01:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
58ed718e49e1c6e7bd8beedde49921d8bacacb0ccf48f5e7e4bac727cba9cb57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 18:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8647
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BADC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 18 Oct 2021 18:09:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 18 Oct 2021 18:09:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7B02 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 18 Oct 2021 17:31:02 GMT
expires
Tue, 18 Oct 2022 17:31:02 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2304
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A4D0 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
c96a1d9e7dd65677035139bcfb4d582451fd433934a1689926808c8be493a8aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KvJVQ3cgPhEywA72GzVvBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 18 Oct 2021 18:09:26 GMT
date
Mon, 18 Oct 2021 18:09:26 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-KvJVQ3cgPhEywA72GzVvBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E653 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 18 Oct 2021 17:31:02 GMT
expires
Tue, 18 Oct 2022 17:31:02 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2304
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A29D 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
584c233f0f61d8d4f73e3a0f8381e3cf0eaae854796f839e55c8b072f58b2c19
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZDTLrou6LLXc8VsGnaiDJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 18 Oct 2021 18:09:26 GMT
date
Mon, 18 Oct 2021 18:09:26 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ZDTLrou6LLXc8VsGnaiDJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame A4D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=2190293338351459&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A29D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=2379568312541641&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js
pagead2.googlesyndication.com/bg/ Frame 7B02 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
e9ecd023ea06eff2419484166b4abfea40f10b044a846c999c4857d71b9f2207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:22:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13172
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 18 Oct 2022 17:22:14 GMT
6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js
pagead2.googlesyndication.com/bg/ Frame E653 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
e9ecd023ea06eff2419484166b4abfea40f10b044a846c999c4857d71b9f2207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:22:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13172
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 18 Oct 2022 17:22:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=2379568312541641&bg=!oaKloubNAAao6lBpqOo7ACkAdvg8WoU8xm6WriVPSRr1IBDVd2PI6t4ytNx4HEJwcgnrqETnjeZyOAIAAADaUgAAABRoAQcKAGzAQ6MnOoHQjZZDsBIeFAlfb2RnKwhTXY3OcobW5cFCgkLBo1gjuHiBMNTduhwlLG6XNYdjE2tmlcsf47M443rLYlvXAD9CU8vLbzsVMAi77e4RQcJWwc2LAcyFHNNzrjgcgU6EcMoIByqVbj-ZAqvhbVhLZyP-jlQKRhJdqpeKOeGETDxmI6M8FAVrN4LWQXnGgdyZ_xC6l2gSabspQLA2FqmUX2WjI4tLySed5YMQPhqL1dyNe3r2LDz3Ez7ffQ81kETzgW16Dm5QrWjTu3RXaeElxi4mAy2SSuTOQr2bCf3GQJec0lBoLusEclcKg_uG314qyRfnoVkCxBouKa31beScFQRbkdfjsXQ51qAHFXvyNOWWx0WifTM2MNE3HdD22ZOKDE05Mhc3_sziHF6OybtY84FNKnWpuFBZU6XGFWtMhWS82KEf6APMu8BkYVNXb2UhqEbRLtTaojr2oDFcZ0sQ4AO_zqb8JfCy50fhP47PZKKhhpFYRk70hSF3noWkO7eqMSaAUZcqjgy-FmJJGm1llXjLrOJoaBDhvo5PHZBwURj0z58NEbfVdXnw2F6NHKxhkf_BUao1jftMHj4cLQTbm8uu6lCboAK8s1T0ylrhS9B8tRQbmoxVHUrl-1ERuk7zlH7iSYLkBrtA5au4JEROBPoVWWO4OSAJ25QirgzpKLqH8cbki6klSV-VTOTCN4tXXzPufEwJ3g-qO7y1u5EDHCEm99bT5ovl3emmEwkFrjWn9oP3KdXx9XnsqG1uP6VmpBtmGnLiOm2amds2iJliGSrEsqrpFI-LRQnLTVv_YvDngx5eDQFJPLiDChNNjHdEQJIHuYKH83ikQfxzDVdqfnLTnnMyY-4N-dz6OCHOibD4efxALwuQB9FIt1WQw53VN4Y4LAfurafo-xnpgWe_AZwMbfC_qemVTW4Z7qZYpO3H9I6ZqodYFyeLsyFXUW4utPT11HyQ06dSkvnu4_gxS3Pz8I1gDgYTfwZcFWrsgpUBVh0oaI701UaohSNom3DeESn7WUKPcRWAsrPXCUexvsuaojZlLg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BADC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=2190293338351459&bg=!7e6l7qrNAAao6lBpqOo7ACkAdvg8WiJwSLFUBvKU1sbolDju2P4jm7SyajJpNITaaauvSCfDP5fKGAIAAADnUgAAABBoAQeZAsRQpD5FY0etZc7IDxfWMU297bCXFr98pUUwHMcexZtjSjL92dOxAqHhM4rRdlKxPCPGCeug_LzDSaxYm0UmStrPrNeCrRq6O1hxkhVPnyiwmGLGLC2cNC6ioUKOpRm2ZbA-H3th33kB6Mam9G5gDT03d2S_JS_m_tKY49Rl5V2e0dPh2FfxnYMhhGH6TQXS2BBz2Kjh5x3VOZJY55l9r50YJW9PavRvlXAoTXRJyH4rFQREfBsmSFunEv5HPTloBOaYvA0EFKYUGxUXVkx-TuJvhXpdtYYTH8ZZPtmMBDbjHFF5QexqxifWilJnWAuS76-NuUYQUXVa7d1xvUIco9tyy5zq6qIzk-KrKb3EkMMm29C-RlvRfhf8fZhVca-Vk-kFYK1gUWJMznNMY11DoEDKbCnt_em15oi99UUbQv2DFGokWPaxYZ8LTZ6Jyfo33UfwCIYDSnsIHtWKvijNFNeHCr3muBPhowpcU8D19quh_w7PIAS1iNp9VwcEvWajJMIolVlXWAxRN8iwagL0ENa3NWOzFhA1bhMciTQYRoVAxLXdxTpecK7KTtq5FWOMRR0VP7Yn6NqDJzm3-8fPcxGDX8LKaGcCjV3tvH9ZJBIBPbmPIhDfMwLdA9OKQrKkzhtTFWpO2ml7jEAC78lSoZWlGmOX8JlHm0FtaO176ZBkZvjdqvC7S_1pY7ksZSoGG7w3Gu5vObJMBNnV7fxN7GA25Gpub_sHqj7NlCjbA4P7Oe4GdxL8DqEPooAyTKDaTnSbfm4lzdpcuQ4mCN2UjLnhvOaKQJCLVTN2cLplHDyDtZv9ILrdu1yPoTIZUWA0b1BMMCQNKUv-oaLijEHRulfmUNcFodPDgiCYd1d4hzpHgCGqQpAruDNDzPdJLGqZkSHi602nwW0wE2jZsY4AhRAG79E8NTl4yLUSbe1UPsnOzPCduf4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssATN2FYfwhd4U2BiCjfLnH72lBBQuajEKybHEPoZQo2MIUMgukdHnwWVLr0bh1H7p40QSyDQ5qVaas-SQ66bAEYN5qeZRVWxw_Kc0R7FtUE0tFxBTf&sig=Cg0ArKJSzNM-9gL0IbbaEAE&id=lidar2&mcvt=1000&p=0,0,90,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211013&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=994546634&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634580559334&rpt=6410&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
944.json
id5-sync.com/g/v2/ Frame BADC 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/944.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.156 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p07.id5-sync.com
Software
/
Resource Hash
9ebf656a2d277efb597f3f96c8644ea0aee98bb81951a9c539273159b7208ace
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sltrib.com
Date
Mon, 18 Oct 2021 18:09:22 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame BADC 		44 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Oct 2021 18:09:26 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ Frame BADC 		108 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
ea72fa611b3125470da3b6332b600bed0cb57602887750e8824bb0ed50e6517e

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Oct 2021 18:09:26 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sltrib.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 17 Nov 2021 18:09:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BADC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMOUQAEiK6HPNBsHIx3QWESwkAae1wSwEeXTS8Z8fZHw9DapQbLFqiPuTV1_5TMH49D-fDgJAdbPftzn52I3rE-X0XulA0UU1W5T3njk2htIDMj-Zq&sig=Cg0ArKJSzAGFm5gSC7sKEAE&id=lidar2&mcvt=1000&p=0,0,90,728&asp=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211013&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=870849309&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634580564698&rpt=1279&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 6938 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 18 Oct 2021 18:09:28 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame F72A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 18 Oct 2021 18:09:28 GMT
Age
46959
X-Served-By
cache-lga21949-LGA, cache-hhn4041-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 837436
X-Timer
S1634580569.543167,VS0,VE1
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 9C4C 		815 B
810 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
f819df02ddb929da6a73a2ac384aa3b620c0f06c4c024a191ad78cb0bea22a65

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
cookie
i=b0e46b29-059b-0233-179e-22d20232d784|1634580563; pd=v2|1634580563|mOgeginskin0vNomiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=b0e46b29-059b-0233-179e-22d20232d784|1634580563; Version=1; Expires=Tue, 18-Oct-2022 18:09:28 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634580563.5|kiiymOgevNomgunsn0gi.j8gmmWjofcsHqGgqsLiS; Version=1; Expires=Tue, 02-Nov-2021 18:09:28 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 18 Oct 2021 18:09:28 GMT
content-type
text/html
content-length
482
content-encoding
gzip
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A7E8 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=157898
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
cookie
KRTBCOOKIE_188=3189-57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553; PugT=1634580563; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=76093
expires
Tue, 19 Oct 2021 15:17:41 GMT
date
Mon, 18 Oct 2021 18:09:28 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 944A 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1634580565266
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1634580565266
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 7FD4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14129/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwnwYaQOmrhRqqbYb+IjI/LQRqus1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6qEKdWU6r+VKDRWVv/VO/a+hEPPQ==; khaos=KUWZ2ATJ-D-K40A; audit=1|naVuGyos1qqYG0Hgr83v8qbParNmQjl9PvCrmQ61b03o/niVe3D2qmUxjv5cDWK0cpj76PKZXj90QVIvl3cx8BFMInZWvEog
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Oct 2021 18:09:28 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame BADC 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F3F0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bf116e2f9cf5abc67043ef3e9393743268654c40bec396ff4e5fe5be4a9b6cce

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YW24WE9XGEiVrZZztqykTAAA; CMPS=5201
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|39|230|152|65|4|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1506
Expires
Mon, 18 Oct 2021 18:09:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YW24WE9XGEiVrZZztqykTAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Oct 2022 18:09:28 GMT CMPS=5201;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 16 Jan 2022 18:09:28 GMT CMPRO=1102;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 16 Jan 2022 18:09:28 GMT CMRUM3=27616db8580b40&bc616db85805a00&04616db85805a0&f1616db85805a0&2d616db85805a0&e6616db8582760&41616db85805a0&98616db85805a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Oct 2022 18:09:28 GMT CMST=YW24WGFtuFgA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 19 Oct 2021 18:09:28 GMT

Redirect headers

Server
Apache
Content-Length
375
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 18 Oct 2021 18:09:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YW24WE9XGEiVrZZztqykTAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Oct 2022 18:09:28 GMT CMPS=5201;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 16 Jan 2022 18:09:28 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A7E8 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68773089&p=157898&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9cc56b9cf533e555f5fb811caa87bb9517137e81911cc8fc20277a25d1ae81fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
us-u.openx.net/w/1.0/ Frame 9C4C
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=069C987E115A4EFB811BBDDDCE171260
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=069C987E115A4EFB811BBDDDCE171260
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 18 Oct 2021 18:09:28 GMT
x-content-type-options
nosniff
server
openresty
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=069C987E115A4EFB811BBDDDCE171260
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 17 Oct 2021 18:09:28 GMT
c.html
j.mrpdata.net/ Frame 9C4C
Redirect Chain
  • https://j.mrpdata.net/c.html?ex=OpenX
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.240.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-240-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

location
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
pragma
no-cache
cache-control
no-cache
x-backend
dmc_hitServer_4_d@j4mrpdatanet
Connection
keep-alive
x-deviceid
c5a6fae3-14f1-841a-6cfe-289ff2a03efd
transfer-encoding
chunked
current
openx2-match.dotomi.com/match/bounce/ Frame 9C4C 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.137 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams03-usadmm.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sd
us-u.openx.net/w/1.0/ Frame 9C4C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame 9C4C 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=29c99a80-fbad-07ae-1f56-6c0c6760a743
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.241.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-241-112.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 9C4C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YW24WAAKHNgciQA6
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW24WAAKHNgciQA6&_test=YW24WAAKHNgciQA6
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW24WAAKHNgciQA6&_test=YW24WAAKHNgciQA6
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1634580569.715128,VS0,VE0
x-served-by
cache-hhn4069-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YW24WAAKHNgciQA6&_test=YW24WAAKHNgciQA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 9C4C
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel.onaudience.com/?mapped=XntLCbyBHqi3PbxDYAjvXqzB&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6fa5c2463178d9da22c1be6dc0c3f000&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DXntLCbyBHqi3PbxDYAjvXqzB
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=XntLCbyBHqi3PbxDYAjvXqzB
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=XntLCbyBHqi3PbxDYAjvXqzB
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=XntLCbyBHqi3PbxDYAjvXqzB
date
Mon, 18 Oct 2021 18:09:28 GMT
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 9C4C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8145206993111361502&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8145206993111361502&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:29 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8145206993111361502&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 18 Oct 2021 18:09:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 9C4C
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=vB7eTAWahOqrPKaNtQzeww==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
73aulba0kusdu4sk7d223omo2crgtfav

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f78f3234-3cb0-af8d-7c9f-fccf99422930
pr-bh.ybp.yahoo.com/sync/openx/ Frame 9C4C 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/f78f3234-3cb0-af8d-7c9f-fccf99422930?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.15.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-15-229.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
bounce
ib.adnxs.com/ Frame F72A
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:28 GMT
X-Proxy-Origin
216.131.114.19; 216.131.114.19; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9df0f29a-5354-4e7c-8e6d-9dc4c5c565dc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:28 GMT
X-Proxy-Origin
216.131.114.19; 216.131.114.19; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
02ef7c4c-10f7-4b86-aa4f-3e113ecc85f5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7FD4 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 18:09:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42941
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Tue, 19 Oct 2021 06:05:09 GMT
match
c1.adform.net/serving/cookie/ Frame 6AEA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=2684AE81-9251-404F-994E-540E73CB0A91
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2684AE81-9251-404F-994E-540E73CB0A91
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2684AE81-9251-404F-994E-540E73CB0A91
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=2684AE81-9251-404F-994E-540E73CB0A91
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 18 Oct 2021 18:09:28 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=3698388953266373299; expires=Fri, 17 Dec 2021 18:09:28 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 18 Oct 2021 18:09:28 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2684AE81-9251-404F-994E-540E73CB0A91
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Thu, 18 Nov 2021 18:09:28 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 04A5
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6525862033713072916
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6525862033713072916
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6525862033713072916
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KRTBCOOKIE_188=3189-57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553; PUBMDCID=3; KADUSERCOOKIE=2684AE81-9251-404F-994E-540E73CB0A91; chkChromeAb67Sec=1; DPSync3=1635724800%3A201_197_219%7C1634601600%3A174; SyncRTB3=1635724800%3A71_21_13_54_56_8_220_161_7_3%7C1635811200%3A35%7C1635120000%3A223; KRTBCOOKIE_80=22987-CAESEEdh_N0G_KOb4U8jO_sFiXY&KRTB&16514-CAESEEdh_N0G_KOb4U8jO_sFiXY&KRTB&23025-CAESEEdh_N0G_KOb4U8jO_sFiXY; KRTBCOOKIE_57=22776-9195677227594937297; KRTBCOOKIE_153=19420-ek3h6y5E4rdhHba6Lh36vHRI57xhRbbtKUlOKJ4h&KRTB&22979-ek3h6y5E4rdhHba6Lh36vHRI57xhRbbtKUlOKJ4h; KRTBCOOKIE_377=6810-567680f8-24d9-476e-98f8-bd7261493f13&KRTB&22918-567680f8-24d9-476e-98f8-bd7261493f13&KRTB&23031-567680f8-24d9-476e-98f8-bd7261493f13; PugT=1634580567; KRTBCOOKIE_27=16735-uid:5aef616d-b858-4000-b930-3413e8ad21ef&KRTB&16736-uid:5aef616d-b858-4000-b930-3413e8ad21ef&KRTB&23019-uid:5aef616d-b858-4000-b930-3413e8ad21ef&KRTB&23114-uid:5aef616d-b858-4000-b930-3413e8ad21ef; KRTBCOOKIE_391=22924-256328738182924917&KRTB&23263-256328738182924917; SPugT=1634580566
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 18 Oct 2021 18:09:28 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-6525862033713072916; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 17-Nov-2021 18:09:28 GMT; path=/ PugT=1634580568; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 17-Nov-2021 18:09:28 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 16-Jan-2022 18:09:28 GMT; path=/
x-lat
lhrpug019:0:2223
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6525862033713072916
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 8849 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 18 Oct 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
219182
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A7E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JoSugZJRQE-ZTlQOc8sKkQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=76093
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 19 Oct 2021 15:17:41 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame A7E8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=51f9616d-b858-4400-9938-ab22e7d5113d
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=51f9616d-b858-4400-9938-ab22e7d5113d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 18 Oct 2021 18:09:28 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=51f9616d-b858-4400-9938-ab22e7d5113d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 18 Oct 2021 18:09:27 GMT
mw
mwzeom.zeotap.com/ Frame A7E8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=2684AE81-9251-404F-994E-540E73CB0A91
  • https://spl.zeotap.com/?zdid=1332&zcluid=2969eb3e5db78b84
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ec33bb-e788-4e6c-5eb6-23f772a7337a&reqId=674434e6-d777-4f1a-60fe-1992061f3c34&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEERvk0pKiGxCoHpVJRZppS0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ec33bb-e788-4e6c-5eb6-23f772a7337a&reqId=674434e6-d777-4f1a-60fe-199...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEERvk0pKiGxCoHpVJRZppS0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ec33bb-e788-4e6c-5eb6-23f772a7337a&reqId=674434e6-d777-4f1a-60fe-1992061f3c34&zcluid=2969eb3e5db78b84&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6a03b7cb2b102780-PRG
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEERvk0pKiGxCoHpVJRZppS0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f0ec33bb-e788-4e6c-5eb6-23f772a7337a&reqId=674434e6-d777-4f1a-60fe-1992061f3c34&zcluid=2969eb3e5db78b84&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A7E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjY4NEFFODEtOTI1MS00MDRGLTk5NEUtNTQwRTczQ0IwQTkx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:600
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A7E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEdh_N0G_KOb4U8jO_sFiXY&google_cver=1
42 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEdh_N0G_KOb4U8jO_sFiXY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:462
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEdh_N0G_KOb4U8jO_sFiXY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A7E8 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 17 Oct 2021 18:09:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A7E8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=567680f8-24d9-476e-98f8-bd7261493f13
42 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=567680f8-24d9-476e-98f8-bd7261493f13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:27 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:401
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=567680f8-24d9-476e-98f8-bd7261493f13
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame A7E8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=256328738182924917
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=256328738182924917
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:27 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:546
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=256328738182924917
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame A7E8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5aef616d-b858-4000-b930-3413e8ad21ef&gdpr=0&gdpr_consent=
42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5aef616d-b858-4000-b930-3413e8ad21ef&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:27 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:485
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 18 Oct 2021 18:09:28 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5aef616d-b858-4000-b930-3413e8ad21ef&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 18 Oct 2021 18:09:27 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A7E8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9195677227594937297&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9195677227594937297&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:458
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:28 GMT
X-Proxy-Origin
216.131.114.19; 216.131.114.19; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
787cc58b-36f6-4cd3-81a6-007bf8da8d41
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9195677227594937297&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A7E8
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ek3h6y5E4rdhHba6Lh36vHRI57xhRbbtKUlOKJ4h
42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ek3h6y5E4rdhHba6Lh36vHRI57xhRbbtKUlOKJ4h
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:2101
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ek3h6y5E4rdhHba6Lh36vHRI57xhRbbtKUlOKJ4h
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame A7E8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2684AE81-9251-404F-994E-540E73CB0A91&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2684AE81-9251-404F-994E-540E73CB0A91&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wc_dBmFE2uVfbdNsLA1LnEFB4Cb6D.s-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wc_dBmFE2uVfbdNsLA1LnEFB4Cb6D.s-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 18 Oct 2021 18:09:28 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wc_dBmFE2uVfbdNsLA1LnEFB4Cb6D.s-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
2684AE81-9251-404F-994E-540E73CB0A91
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A7E8 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2684AE81-9251-404F-994E-540E73CB0A91?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.15.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-15-229.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
dcm
s.amazon-adsystem.com/ Frame F3F0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW24WE9XGEiVrZZztqykTAAABE4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW24WE9XGEiVrZZztqykTAAABE4AAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW24WE9XGEiVrZZztqykTAAABE4AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DM583EQWB5ZFCA7PRKWJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CQR278TAB64G18MTGW87
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YW24WE9XGEiVrZZztqykTAAABE4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F3F0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YW24WE9XGEiVrZZztqykTAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFttccFG5pfhV0zn1PLhdQ4&google_cver=1&gdpr=1
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFttccFG5pfhV0zn1PLhdQ4&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Oct 2021 18:09:28 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFttccFG5pfhV0zn1PLhdQ4&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F3F0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame F3F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YW24WE9XGEiVrZZztqykTAAABE4AAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEF2f8zHq61KXm7VLoDGVjqo&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEF2f8zHq61KXm7VLoDGVjqo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 18 Oct 2021 18:09:28 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEF2f8zHq61KXm7VLoDGVjqo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F3F0
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=584bb2c0-cbb8-458f-8461-40c3fda1e4d6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=584bb2c0-cbb8-458f-8461-40c3fda1e4d6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Oct 2021 18:09:29 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:29 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=584bb2c0-cbb8-458f-8461-40c3fda1e4d6
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum.casalemedia.com/ Frame F3F0
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634666968&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634666968&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 18 Oct 2021 18:09:28 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634666968&gdpr=1
pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame F3F0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2669393895693887454
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2669393895693887454
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Oct 2021 18:09:28 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2669393895693887454
pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
CookieIndex
rtb.adentifi.com/ Frame F3F0 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.216.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-216-135.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F3F0 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YW24WE9XGEiVrZZztqykTAAA%261102
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sltrib.com/news/2021/03/10/no-link-between-covid/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 18:09:28 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=959
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Oct 2021 18:25:27 GMT
v1
ads.yahoo.com/cms/ Frame 7FD4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUWZ2ATJ-D-K40A&sigv=1&esig=2~56ed8069f87de62e91b864e4d2907dde70be0d36
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUWZ2ATJ-D-K40A&sigv=1&esig=2~56ed8069f87de62e91b864e4d2907dde70be0d36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUWZ2ATJ-D-K40A&sigv=1&esig=2~56ed8069f87de62e91b864e4d2907dde70be0d36
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7FD4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XVbabBCPRydTRYfa_m9Sdw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4474588870518621457
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4474588870518621457
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

date
Mon, 18 Oct 2021 18:09:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4474588870518621457
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 7FD4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXWjJBVEotRC1LNDBB
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXWjJBVEotRC1LNDBB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXWjJBVEotRC1LNDBB
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7FD4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5aef616d-b858-4000-b930-3413e8ad21ef&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5aef616d-b858-4000-b930-3413e8ad21ef&expires=28
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

Date
Mon, 18 Oct 2021 18:09:28 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x6 config:1.0.1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5aef616d-b858-4000-b930-3413e8ad21ef&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 18 Oct 2021 18:09:27 GMT
tap.php
pixel.rubiconproject.com/ Frame 7FD4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDWIm3tvcNjIojTKA9mWYLk&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDWIm3tvcNjIojTKA9mWYLk&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDWIm3tvcNjIojTKA9mWYLk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7FD4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI5ZWMyOWRjNjU2OThkMDIwYzE0ZDhmNjRjY2MyZTA4YTE2ZGNkMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI5ZWMyOWRjNjU2OThkMDIwYzE0ZDhmNjRjY2MyZTA4YTE2ZGNkMg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGI5ZWMyOWRjNjU2OThkMDIwYzE0ZDhmNjRjY2MyZTA4YTE2ZGNkMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7FD4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW24WAAKHNgciQA6
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW24WAAKHNgciQA6
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1634580569.730747,VS0,VE0
x-served-by
cache-hhn4069-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW24WAAKHNgciQA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame 7FD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		553 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=vxCIN3E3cT
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.186.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9cd038ad10f83db254385078fe940bba6091f1b5a0e39c1f1b5fbc657aea868
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 18 Oct 2021 18:09:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
Ctfq61rBFwR
pragma
no-cache
wn
prod-dash-10-0-94-165
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-time
0.006
cf-ray
6a03b7cfbca74137-PRG
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 971C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.186.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150ba3fc2377e8f8f2f10c9121902e7f300ad98ff80ffcee1447ba6ea3b14ebd
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

:method
GET
:authority
buy.tinypass.com
:scheme
https
:path
/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/

Response headers

date
Mon, 18 Oct 2021 18:09:29 GMT
content-type
text/html;charset=UTF-8
access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
cache-control
public, max-age=10800
expires
Mon, 18 Oct 2021 21:09:29 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server-time
0.003
set-cookie
LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None __cflb=02DiuHCYe3gAA7tKYXZHc1Kjp8tYqQh4carMHtkLCr3Z6; SameSite=Lax; path=/; expires=Tue, 19-Oct-21 17:09:29 GMT; HttpOnly
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-126-249
x-forwarded-https
on
x-request-id
Ctfq61ruEAY
x-xss-protection
0
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a03b7cf8b054120-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
logExecutionStats
api-v3.tinypass.com/api/v3/composer/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://api-v3.tinypass.com/api/v3/composer/logExecutionStats?aid=vxCIN3E3cT&items=%5B%7B%22mId%22%3A%22showTemplateYJB2ULONIC3T31%22%2C%22eId%22%3A%22EXDCKFHYSTBP%22%2C%22eV%22%3A2%2C%22eeId%22%3A%221805a2g0f4-00002v4kj02lhn4osalc2tsgio%22%7D%5D&execution_stats_context=%7Bjcx%7DH4sIAAAAAAAAAE3Py27CMBAF0F8ZeQUSdZzaiQWsUBdtRdMNqKwNDK4V10kdhzwQ_163ohLLmTNXV3MhbYP-9UgWhMzI3lfd_1i23fioUjkfnbGnA4tcK40fBrs7Z4Mrh57rvot-No0Jf3h-uMVTqb9bIewQ-bdppdGFTfDG6XhWVKOxViUZZTDZGXeM9fC-hZRRtoS4yMUS-lxMYVXXFne4X5uQZFxSnsNk_bIt3mZgTYnwjIeymsLTp6--MJlzyqjIpKQ5h406KW9uqbsvCgzoG7K4XK8_HOcReQYBAAA&ts=1634580569409&source=timer271
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.185.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
async_usersync
ib.adnxs.com/ Frame F72A 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 18:09:29 GMT
X-Proxy-Origin
216.131.114.19; 216.131.114.19; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
baffda84-becf-4b15-90e6-b9bd3bf26810
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 971C 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.186.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:29 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
4146
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn
prod-dash-10-0-119-139
last-modified
Mon, 11 Oct 2021 01:52:26 GMT
server
cloudflare
etag
W/"33843-1633917146000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
6a03b7d0ad464120-PRG
expires
Mon, 18 Oct 2021 20:09:29 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 971C 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=vxCIN3E3cT&version=1517253150000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.186.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f37c5820d6b549fc3690fccc7090de80ab33e4e07ae657cbea324fd9e13a5b48
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:29 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
Ctfq61rKjuc
pragma
wn
prod-dash-10-200-4-35
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=UTF-8
server-time
0.001
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
6a03b7d0ad484120-PRG
expires
Tue, 19 Oct 2021 14:09:29 EDT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 971C 		58 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.341.1
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.186.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c22b6f656365ec3d38db4469c4bfccb020d1ac33ff23cc6636c7a6c09ba2e93
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7813
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn
prod-dash-10-200-128-157
last-modified
Wed, 13 Oct 2021 15:57:48 GMT
server
cloudflare
etag
W/"59159-1634140668000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=UTF-8
server-time
0.001
cache-control
public, max-age=86400
cf-ray
6a03b7d0ad494120-PRG
expires
Tue, 19 Oct 2021 18:09:29 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 971C 		515 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.341.1
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.186.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ada61037c66d48d66e9ca321fcc7bc9eca75f890719b023d7b27c978972ffd6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3543
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn
prod-dash-10-0-95-54
last-modified
Wed, 13 Oct 2021 15:57:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/javascript
server-time
0.005
cache-control
public, max-age=601257
x-optimized-by
_sam
cf-ray
6a03b7d0ad4a4120-PRG
expires
Mon, 25 Oct 2021 17:10:26 GMT
BookSale.jpg
local.sltrib.com/marketing/ Frame 971C 		269 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://local.sltrib.com/marketing/BookSale.jpg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=vxCIN3E3cT&templateId=OT4F5RD8EUFX&gaClientId=333263264.1634580562&offerId=fakeOfferId&experienceId=EXDCKFHYSTBP&iframeId=offer_a826314fb33d1ebcbcac-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.sltrib.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.220.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
1abde1da3fb4d63b0b449ea3de0366e3e9adaa331d3760228994adadd12abf4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:30 GMT
last-modified
Fri, 24 Sep 2021 18:25:06 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
275389
expires
Wed, 17 Nov 2021 18:09:30 GMT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 971C 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.186.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:29 GMT
cf-cache-status
HIT
age
4148
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2177
wn
prod-dash-10-0-119-139
last-modified
Wed, 13 Oct 2021 16:09:14 GMT
server
cloudflare
etag
W/"2177-1634141354000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
server-time
0.001
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6a03b7d2186d4120-PRG
expires
Mon, 18 Oct 2021 20:09:29 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame A7E8 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157898&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:09:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
event-stream
k.p-n.io/ 		0
126 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=8TvuqyAv5q0L7mPKRbEHz1EQbjDrAwgM2XRu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.44.75 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 18 Oct 2021 18:09:30 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
event-stream
k.p-n.io/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=8TvuqyAv5q0L7mPKRbEHz1EQbjDrAwgM2XRu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.44.75 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 18 Oct 2021 18:09:30 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sltrib.com&p=%2Fnews%2F2021%2F03%2F10%2Fno-link-between-covid%2F&u=DhWz8sC9eA2GCqeDAk&d=sltrib.com&g=65212&g0=Health&g1=Sean%20P.%20Means&n=1&f=00001&c=0.25&x=0&m=0&y=1200&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=3&r=&b=2240&t=B1XhKABKiyPUDC4LiOCVajNOVBWdb&V=128&tz=0&_hottopic=&_acct=anon&sn=3&sv=BdicpLCxCzyZDTNyz1CexHvV5gfiZ&sd=1&im=067b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.215.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-215-174.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 18:09:36 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
p1cluster.cxense.com
URL
https://p1cluster.cxense.com/p1.js

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster object| Coral function| setImmediate function| clearImmediate object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart function| ttd_dom_ready function| TTDUniversalPixelApi object| Fusion string| googleAnalytics string| gaTitle object| globalContent object| XML_CHAR_MAP function| escapeXml string| siteName object| authors string| articletags string| GoogleAnalyticsObject function| ga object| dataLayer object| homepage object| isAdmin string| section object| _sf_async_config string| cbSectionsVal string| authorName string| headlines undefined| hotTopic number| _sf_startpt object| _cbq number| _sf_endpt function| x00_0x1f10 function| x00_0x16c5 object| _Scanner undefined| appId function| twq object| _cb_shared object| queryly object| searchPage object| CoralCount object| react object| React object| ReactDOM object| PropTypes object| scCGSHMRCache object| StyledComponents object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ object| googletag object| ggeac object| google_js_reporting_queue object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater undefined| __CSP_NONCE object| litHtmlVersions object| idOne object| idTwo function| cnx object| c object| apstag function| cnxps string| env string| pianoPush string| meteredParam boolean| isMetered string| cloudFlare object| tp object| tags string| firstPublishedDate boolean| isSponsored object| sites object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twttr object| pSUPERFLY_mab object| pSUPERFLY object| google_tag_manager function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| ssaUrl function| fbq function| _fbq function| onYouTubeIframeAPIReady function| BlockAdBlock object| blockAdBlock object| __ctcg_65349_0_exec number| BOOMR_configt object| _cbm object| headertag object| Criteo function| headertag_render object| pbjs object| rubicontag boolean| apstagLOADED number| _swclk_ number| _swsts_ object| PushlySDK function| pushly object| criteo_pubtag object| criteo_pubtag_114 object| Criteo_114 number| pnInitPerformance function| ___tp string| __tpVersion object| jQuery112408486766912873158 object| SWG object| JSON3 object| cX function| cxCCE_callQueueExecute object| cxTest function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| PianoESPConfig object| cXNative boolean| inDapIF boolean| inGptIF object| cnx_usr_storage function| x00_0x30c1 function| x00_0x5417 function| p930.5864755476878 function| p9645.617870614693 function| s2008.1267614876763 function| s7795.766601771284 function| s3606.3178286716434 object| dicnf number| google_srt object| viewReq function| vu number| count object| yl_logger number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| GoogleGcLKhOms object| google_image_requests

108 Cookies

Domain/Path Name / Value
www.sltrib.com/ Name: arc-country
Value: DE
.sltrib.com/ Name: AKA_A2
Value: A
.sltrib.com/ Name: RT
Value: "z=1&dm=sltrib.com&si=v82mfcyub0m&ss=kuwz28o6&sl=0&tt=0"
www.sltrib.com/ Name: _cb_ls
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUn7KqrIddXn_Ec6fBMGn-wxIDGZOvNeOJg-DGtggA0BZjN-y2dXGFuUly5seB8
.sltrib.com/ Name: _gid
Value: GA1.2.1780526720.1634580562
www.sltrib.com/ Name: _cb
Value: DhWz8sC9eA2GCqeDAk
www.sltrib.com/ Name: _chartbeat2
Value: .1634580561557.1634580561557.1.BdicpLCxCzyZDTNyz1CexHvV5gfiZ.1
www.sltrib.com/ Name: _cb_svref
Value: null
.sltrib.com/ Name: _ga_DC2TJEE08T
Value: GS1.1.1634580561.1.0.1634580561.0
.twitter.com/ Name: personalization_id
Value: "v1_G3YKXMKAJXEsCniWosKQMg=="
.sitescout.com/ Name: ssi
Value: 57fd39f8-a0fa-4b09-87ab-776bd2526cb0#1634580562312
.adsrvr.org/ Name: TDID
Value: 567680f8-24d9-476e-98f8-bd7261493f13
.sltrib.com/ Name: _pnvl
Value: false
.sltrib.com/ Name: pushly.user_puuid
Value: DesKVhG9WPPutdv8wUyRQR5rqew2TXqX
.sltrib.com/ Name: _pndnt
Value:
.sltrib.com/ Name: _pnss
Value: none
www.sltrib.com/ Name: __adblocker
Value: false
.tapad.com/ Name: TapAd_TS
Value: 1634580562596
.tapad.com/ Name: TapAd_DID
Value: fb542545-9ebe-42b5-9453-363f2aed5ef3
www.sltrib.com/ Name: __pnahc
Value: 0
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
obs.cheqzone.com/ Name: cg_uuid
Value: c51c8be59b4f27f10c485b978e6528dd
.demdex.net/ Name: demdex
Value: 67286194350226987021258638022345459588
.sltrib.com/ Name: _fbp
Value: fb.1.1634580562581.1216078600
.dpm.demdex.net/ Name: dpm
Value: 67286194350226987021258638022345459588
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 6fa5c2463178d9da22c1be6dc0c3f000
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEtLNE02MjEzNjS3SLFMSTQySjZMSjVLSTZINk4zMDBgAILE3B1BIBoKAFouCtc%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIzN0RBKSgAAAXDwHZ"
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
.pubmatic.com/ Name: PUBMDCID
Value: 3
.spotxchange.com/ Name: audience
Value: 85d20e02-303e-11ec-85d9-17d925990306
.krxd.net/ Name: _kuid_
Value: Obb65-IL
.piano.io/ Name: __cf_bm
Value: Zh.9pNC0kInlZOcR3vST0XAOGUCTdLIrkCvnxesmouA-1634580563-0-ASQ3DHqG4mcTVE43hQ8/bwNgvK7+zyL+DplrHMXbT9emi3xXQD8B/2v/YbbkFV5XNP5nN2G4HAAbi9cgk/YAvnM=
.sltrib.com/ Name: __tbc
Value: %7Bjzx%7DnXcErWFN2iJHKnWRYyRH_7Lt0mjBoB5Siv9WxJpLSSSQl1V2eGNvE7xKrcVC1ugFGJeNcOqWPuHtxgyw2UR-brH_UjgHEVFaraX0IPKjoPU
.sltrib.com/ Name: __pat
Value: -25200000
.sltrib.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-kuwz2a117gqu44ly%22%2C%22domain%22%3A%22.sltrib.com%22%2C%22time%22%3A1634580563371%7D
.openx.net/ Name: i
Value: b0e46b29-059b-0233-179e-22d20232d784|1634580563
.sltrib.com/ Name: xbc
Value: %7Bjzx%7D-M2HTp53lTi3Ah_GgEa1UoNYn-pN3k0B9csnZIJ8WzDyu_wbKHE9v08_QC-iFYt2lOQ1JvAdKTmnqKdsdV1z4n5FO0_qriqvAoanT41ZXqluWhgYc2oatQyEVdsvDtC_4HZQKpnSGSISWKkuj0g1MDHQjqsVVgBTAl98rLXoXmfy1Mhbl5WpeHef24JFTJY4qaVzMMmd3nGZnUjPmLe16n-2L1uCjfZHFH-kPw_6XipMX_myoYCTkDLA0SpGyYLVfgRHPjhjxyRymlrnw_5gHMGyQz0TQ_U3nnm--CZl4XiDTvaLYKWTiv7wq80x6E5YS9nIVOaOpPs2f98FOZiXOFUIvowNveUogbc6nXFIZjGLicGe0Bl4rMaMSZpOWLJDKzSPdn_P2NW26krg3kxRaa0oDQ08A6jAy0z9sA-qHcxSP2rj5JOJXikYr12FVCCyUmOjyWL1jq48Rx12KPOQLJSo_UVOqaO-Bl9dIMkgxifYYgy70aYDB3-0J7Zy3Fr34ICZGws4cr32-Kd0ebKFCfg-0pqmGWc1KyoBl5aR9CPnRazDQD43STbFUl0Di9S4poahB4iMVHOtwiG2QFW7iNyiNCGjr5Odv2qE_mjG9lwK0TnHu6wJByvaUw-yeGWfdxdt2F8epfj50b-0holT6Ddt8rTlrApT3LSfwBYCyGWrtMrUBhucbz9mBfVFp1yhVnDr734YBIdnM8VuOBEkvNaPSBuFwVtIxDt-8wtNKco
.sltrib.com/ Name: _gat
Value: 1
.sltrib.com/ Name: cX_S
Value: kuwz2arxpjgwjxcs
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwnwYaQOmrhRqqbYb+IjI/LQRqus1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6qEKdWU6r+VKDRWVv/VO/a+hEPPQ==
.rubiconproject.com/ Name: khaos
Value: KUWZ2ATJ-D-K40A
.contextweb.com/ Name: vf
Value: 1
.contextweb.com/ Name: wf
Value: 0
.contextweb.com/ Name: V
Value: RF9UpMTgUCte
.cxense.com/ Name: cX_T
Value: kuwz2bb0fr4w5351
.cxense.com/ Name: gckp
Value: 38gc9lme3dmx63piw564pq8v62
www.sltrib.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.sltrib.com/ Name: _pubcid
Value: 33c52bcc-db43-44d6-9286-a952f0c8df5c
www.sltrib.com/ Name: cto_bidid
Value: ySRGxV9QSmh0ajloUFVhSHgyNUJSMlZ0NVNvdm1HdlN2bU9PcnNQbmJlVG1PUkkxdCUyQnJTNm14ajNheW84UFh6eVMzeU5QU2RqSVFYRExYJTJCQld4MWJLa2swSXclM0QlM0Q
www.sltrib.com/ Name: cto_bundle
Value: 2gupKl9TMlR6c0ZMUkNNWW1zcGdVSHFJT1ElMkZLQ1N0WkFVYktubjFPMmU3U2owd3RKZ3lTZ0pmZGJ2MUdSczZhOUlpZE9FbktRbkJncmFXZHFtRGlNU2tmaDZpbjJnTEVUZndUWHZYakhDczZ3WSUyRlEwY2dqU2JmaXp5TzBQeERqOFUwRG0
.sltrib.com/ Name: __gads
Value: ID=627fedf3fd65bc2a:T=1634580563:S=ALNI_MYCACfLUnkOq2s80r3kyLNdmizS-Q
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqYG0Hgr83v8qbParNmQjl9PvCrmQ61b03o/niVe3D2qmUxjv5cDWK0cpj76PKZXj90QVIvl3cx8BFMInZWvEog
.go.sonobi.com/ Name: HAPLB5A
Value: s56128|YW24W
.sltrib.com/ Name: _ga
Value: GA1.2.333263264.1634580562
www.sltrib.com/ Name: _lr_retry_request
Value: true
www.sltrib.com/ Name: _lr_env_src_ats
Value: false
www.sltrib.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22567680f8-24d9-476e-98f8-bd7261493f13%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-09-18T18%3A09%3A26%22%7D
.openx.net/ Name: pd
Value: v2|1634580563.5|kiiymOgevNomgunsn0gi.j8gmmWjofcsHqGgqsLiS
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMID
Value: YW24WE9XGEiVrZZztqykTAAA
.casalemedia.com/ Name: CMPS
Value: 5201
.justpremium.com/ Name: jpxumaster
Value: um-ff476de9-4394-4080-b05e-006920c34c3f-1634580568
.justpremium.com/ Name: jpxumatched
Value: ox
.adnxs.com/ Name: uuid2
Value: 9195677227594937297
eus.rubiconproject.com/ Name: pux
Value: 1512%3D103410%262249%3D103410%262974%3D103410%263778%3D103410%26brx%3D103410%26goog%3D103410%262249-DV360-Hosted%3D103410%26idl%3D103410%26
.mrpdata.net/ Name: U
Value: 84920ee8-b4ff-d580-8a43-a1ee18ca5283
.simpli.fi/ Name: suid
Value: 069C987E115A4EFB811BBDDDCE171260
.erne.co/ Name: u
Value: XntLCbyBHqi3PbxDYAjvXqzB
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2684AE81-9251-404F-994E-540E73CB0A91
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1635724800%3A201_197_219%7C1634601600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1635724800%3A71_21_13_54_56_8_220_161_7_3%7C1635811200%3A35%7C1635120000%3A223
.casalemedia.com/ Name: CMPRO
Value: 1102
.mrpdata.net/ Name: DNT
Value: 00000000-0000-0000-0000-000000000000
.sitescout.com/ Name: _ssuma
Value: eyIzNCI6MTYzNDU4MDU2MjMzNywiNDUiOjE2MzQ1ODA1NjI3NDksIjIiOjE2MzQ1ODA1NjIzMzcsIjMiOjE2MzQ1ODA1NjI3NDksIjQiOjE2MzQ1ODA1NjIzMzcsIjM5IjoxNjM0NTgwNTYyMzM3LCIyOCI6MTYzNDU4MDU2Mjc0OSwiMTciOjE2MzQ1ODA1Njg2MzgsIjciOjE2MzQ1ODA1NjIzMzcsIjI5IjoxNjM0NTgwNTYyNzQ5LCI4IjoxNjM0NTgwNTYyNzQ5fQ
.onaudience.com/ Name: done_redirects104
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiyoazYjpuJOhAFGAEgASgCMgsIspmvhaWbiToQBTgBWghwdWJtYXRpY2AC
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YW24WAAKHNgciQA6
.quantserve.com/ Name: d
Value: EKUBCwHBJPijAA
.quantserve.com/ Name: mc
Value: 616db858-aa5ba-38403-9abe5
.onaudience.com/ Name: cookie
Value: 2969eb3e5db78b84
.onaudience.com/ Name: done_redirects219
Value: 1
.mathtag.com/ Name: uuid
Value: 5aef616d-b858-4000-b930-3413e8ad21ef
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBFi4bWECELQvX7jSCspjtEZ1HCWBuFsFEgEBAQEJb2F3YQAAAAAA_eMAAA&S=AQAAAm8Gz18oALPmOYu73mDO0G8
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEEdh_N0G_KOb4U8jO_sFiXY&KRTB&16514-CAESEEdh_N0G_KOb4U8jO_sFiXY&KRTB&23025-CAESEEdh_N0G_KOb4U8jO_sFiXY
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-9195677227594937297
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-ek3h6y5E4rdhHba6Lh36vHRI57xhRbbtKUlOKJ4h&KRTB&22979-ek3h6y5E4rdhHba6Lh36vHRI57xhRbbtKUlOKJ4h
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2116
.mathtag.com/ Name: mt_mop
Value: 9:1634580568
.adform.net/ Name: uid
Value: 256328738182924917
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-567680f8-24d9-476e-98f8-bd7261493f13&KRTB&22918-567680f8-24d9-476e-98f8-bd7261493f13&KRTB&23031-567680f8-24d9-476e-98f8-bd7261493f13
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:5aef616d-b858-4000-b930-3413e8ad21ef&KRTB&16736-uid:5aef616d-b858-4000-b930-3413e8ad21ef&KRTB&23019-uid:5aef616d-b858-4000-b930-3413e8ad21ef&KRTB&23114-uid:5aef616d-b858-4000-b930-3413e8ad21ef
.de17a.com/ Name: guid2
Value: 1.6525862033713072916
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-256328738182924917&KRTB&23263-256328738182924917
.pubmatic.com/ Name: SPugT
Value: 1634580566
.zeotap.com/ Name: zc
Value: f0ec33bb-e788-4e6c-5eb6-23f772a7337a
.zeotap.com/ Name: zsc
Value: 9O%B2%7F%02%B7G%07d%D6%7F%3F5%BF%EE%8D%90%7D%F4mIh%15E%08%96hG%CB%C0TT1v%84%BC%95%04o%28%17Xf%F4%C0A%D9%80%8E%83%7C%E3%2C%2A%D9%14%91%E9%A8%E2%B5%C0%F5u%08%0AI%D7%86%F1%25%C9%D0%85l%85%9F%40%89%DA%9A%0C%DD
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6525862033713072916
.pubmatic.com/ Name: PugT
Value: 1634580568
.casalemedia.com/ Name: CMRUM3
Value: e6616db8582760&98616db8592760584bb2c0-cbb8-458f-8461-40c3fda1e4d6&41616db85805a0&2d616db8582760CAESEFttccFG5pfhV0zn1PLhdQ4&04616db85827602669393895693887454&f1616db85805a0&27616db8580b40&bc616db85805a00
.casalemedia.com/ Name: CMST
Value: YW24WGFtuFkA
.tinypass.com/ Name: LANG
Value: en_US
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.turn.com/ Name: uid
Value: 8145206993111361502

11 Console Messages

Source Level URL
Text
network error URL: https://www.sltrib.com/pf/api/v3/content/fetch/coral-comments?query=undefined&d=240&_website=sltrib
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/384136.gif?partner_uid=57fd39f8-a0fa-4b09-87ab-776bd2526cb0-616db852-5553
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d3plfjw9uod7ab.cloudfront.net/ad/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://www.sltrib.com/news/2021/03/10/no-link-between-covid/
Message:
Access to XMLHttpRequest at 'https://ib.adnxs.com/ut/v3/prebid' from origin 'https://www.sltrib.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.adnxs.com/ut/v3/prebid
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
8571fced92ea4a4ae707e3d42ab4d201.safeframe.googlesyndication.com
a74de3f5d59e5a5da1f465ef915dc544.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.twitter.com
ap.lijit.com
apex.go.sonobi.com
api-v3.tinypass.com
api.devconops.com
api.rlcdn.com
as-sec.casalemedia.com
bcp.crwdcntrl.net
beacon.krxd.net
bid.contextweb.com
bidder.criteo.com
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
casale-match.dotomi.com
cd.connatix.com
cdn.cxense.com
cdn.p-n.io
cdn.tinypass.com
cdn1.opstag.com
cds.connatix.com
clickserv.basis.net
clickserv.sitescout.com
cm.g.doubleclick.net
cmp.osano.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
d3plfjw9uod7ab.cloudfront.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
experience.tinypass.com
fastlane.rubiconproject.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id.sltrib.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
includemodal.com
j.mrpdata.net
js-sec.indexww.com
js.adsrvr.org
k.p-n.io
loadm.exelator.com
local.sltrib.com
log.outbrainimg.com
mab.chartbeat.com
match.adsrvr.org
match.justpremium.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
mwzeom.zeotap.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
onetag-sys.com
openx2-match.dotomi.com
os4m-d.openx.net
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-a.basis.net
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
rtb.adentifi.com
rtb.openx.net
s.amazon-adsystem.com
s.go-mpulse.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sltrib-d.openx.net
sltrib.coral.coralproject.net
spl.zeotap.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.extend.tv
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
t.co
tags.bluekai.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
www.queryly.com
www.sltrib.com
ib.adnxs.com
p1cluster.cxense.com
104.111.214.229
104.111.215.191
104.111.242.245
104.16.42.65
104.17.183.177
104.17.185.177
104.17.186.177
104.21.53.45
104.21.60.63
104.244.42.5
104.244.42.67
104.26.13.86
108.177.15.155
13.224.186.4
13.224.190.164
13.224.193.58
13.224.193.66
13.225.84.151
13.225.85.149
13.225.87.46
13.225.87.88
142.250.181.226
142.250.184.198
142.250.184.206
142.250.185.104
142.250.185.129
142.250.185.130
142.250.185.162
142.250.185.193
142.250.185.194
142.250.185.98
142.250.186.162
142.250.186.68
142.250.186.99
142.250.74.194
151.101.114.132
151.101.12.157
151.101.130.202
151.101.194.137
151.101.194.49
151.101.65.108
151.101.65.194
157.240.20.19
157.240.20.35
159.253.128.183
172.67.13.182
178.162.133.150
178.250.0.165
178.250.2.130
178.250.2.146
178.250.2.151
18.198.126.47
185.29.134.248
185.33.221.13
185.64.189.110
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.80
185.64.190.81
185.94.180.125
188.165.137.78
198.148.27.134
2.16.186.243
2.18.233.180
2.18.234.190
2.18.234.21
209.54.178.82
213.155.156.181
213.19.162.51
216.152.140.211
216.52.2.39
23.37.38.181
23.37.42.132
3.121.240.184
3.126.56.137
3.129.116.66
3.222.216.135
34.120.133.55
34.248.156.174
34.253.109.165
34.98.64.218
35.157.241.112
35.172.245.152
35.227.248.159
35.227.252.103
35.244.156.29
35.244.174.68
37.157.4.41
50.116.194.21
51.210.112.63
51.89.9.252
52.211.234.106
52.49.15.229
52.57.44.75
54.236.185.42
54.36.109.156
54.86.215.174
64.202.112.63
66.155.71.150
66.155.71.189
69.16.220.201
69.173.144.138
69.173.144.139
76.223.111.131
84.53.164.84
87.248.118.23
89.207.16.137
91.228.74.189
92.122.252.200
02f48fadcb87c438c60bcda7c1304e98994efb10d4aca458b0ec6a1e328b2093
03f9ef25e56a3df087815ca83500dba2eba39bfbc38fe6caa9be3d7adbb01e05
0503c587810f3a4e701af519f771deccd09606325b6df1db642c805253f9148a
0680615b6bf188287295e621b64538d8dbabc251c085a13137915a33450f70e1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
087ea750095b1abda29404a38ca90ccae4215aef86392a06ce7a15d007e60f8d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
10a1385c35cf59ee4e62360451c6eca35309ee84fa0209718eb59b1dcf9e3256
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d
14825156cb2d46e54c6161adf4e938f48ed6b5d9a6fa854c1e96eaf62453a007
150ba3fc2377e8f8f2f10c9121902e7f300ad98ff80ffcee1447ba6ea3b14ebd
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1abde1da3fb4d63b0b449ea3de0366e3e9adaa331d3760228994adadd12abf4e
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22bc956a539f85eb61b4e61a9601c9cafd7df6b5caf2b119c0e142fce86a50e3
254518bd5dc2799922fb088e962aac84de84a6594cb842e15815c5c476d69c2e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e
278ae4242b520e91bbda263623483bdb1e2e0ad89e9335b09fe65315e0eed096
27b09941b35ac66529f0911975b1b47b9ef34ae76193f5228c5f20d113665c74
281a1c5996dabee532e69c0be0d9bdef31178f9eb492bd9d96a3d69083894889
2bcd736916e50f0106eaeb728809ae8a5eca973ee07192599f1a3506fac3cbec
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2ee67a5dc576962ba54d2c11769fe77b66e7cb9ec9af6a28ce7c67f079c92f3d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30a3a4971dbadd937cf483b7e077419db003a4996f293fe03d3b09cd68439612
3259adf52da1290a7b0488bcbc24da28be75172ac3a62524913509f0576e0baa
325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c8dcaca4789dc71d25134dfa1394642f6c5cd5aa71e5eb75c27c48ad8ba162
349854751e21b3fa52ac4ca50594acaecd57686cb4d3bd4aa14b1f5f2d6c5833
35f8e56eb42f9a1891f9ee0196bfb312f3b013a77f9a0191eb61e3f7d5157691
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d
390a744dab893732a8b20e0ca861ad988841c0ed359590dc26fe37c27d93e666
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a7f31c31e9f9d90fad4687f4f9739466951d0248b305f5ecf262978748b6d17
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5b5d768def348ece2afaa8c1493ab88b65ad0c535dc502caf85b3ea22ebdd3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403cea8095f7c63dbad7fa344ee0077ff3ab8af037ea6c8ff9bebff740662015
403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c
41a6565310336a11e135d7846d8b9bb1f23bb516dbf87752a745a3d4668205fb
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b66365014c7b8061074d0f774ed7343cc6ae290c0e3d73ddf2466db2a9a6b1
462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b09c35105f9c5d7a07edf2c33c64d7da9397bfc1e645cc5552410b4397d267c
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4c22b6f656365ec3d38db4469c4bfccb020d1ac33ff23cc6636c7a6c09ba2e93
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f820f0ef60feea0b9127f668b9fb37ed82e6f9265859d43a826336cf428f507
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fbff6ff8867967f8d2558d1aea035ce50147119b8f295f6f46f038fba79bdb4
501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce
50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4
5268ac15e7bd3c204ac9475d6a17721a3e3a63b024f1a4fa163efaaa993b7453
5667221d6dbbbcd25aad22b734bb02b2afa806492457c6d41396b6a6d6cffd38
57045f1a345b6fe852aa6615b61fc5920a9bd315adfec366d678d8f1cfb53588
584c233f0f61d8d4f73e3a0f8381e3cf0eaae854796f839e55c8b072f58b2c19
58ed718e49e1c6e7bd8beedde49921d8bacacb0ccf48f5e7e4bac727cba9cb57
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
614bb599b7fd80a9d1aecc5de3daffcbff1ac9d93f3a88872852341e0b1ac8a0
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
64bff75a60c41b34a4deb9ce811a1e48a1b17bc3d3624715354764f6ae57cb63
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c
6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad
6bc2e1938dce0909795a59f648a83c112375db0214bbb8e15b0cf22e46954974
72d3bb48505405120796571830ae74c4f871f03a9052d080cde2190aa926b1ee
72f101872bc0139113fd21484872afcab0504ab36998e0f564ef862924e572ef
734177d11a259613a01026c55a0b390a5d9fd2955086fca22ae02b33c7dec537
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
765a9009021962356534119eff5f6bdff6e05350c57817790abcafb094cdcde6
774308438b323dbb84cdeee6b50c8c3880bfae046ccd9610e70b07253806bd71
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c
7ada61037c66d48d66e9ca321fcc7bc9eca75f890719b023d7b27c978972ffd6
7b0c7c717a2a887f1cfe30542e03b025be4be204acbf30936915509aaab6c4f7
7b7d44fa8c242c4c3f19fa899c79708f33acb8edd661867c415043a0d2f9c668
7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e
829756054147c6e161c7573ff9d90a0accbcb52b0e81a6fb11d70005fbd67b52
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834077817a074e33624a962a4eb7dadc0a04f89d15252fc0e5ae47aec40e3597
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8651e9ef2609c47d0363798e22654f41f07fb5c81fc73e6ecaf4027f3faaf9b9
878e8e6309ebfffdc45757f554e65186dd2eac308d488bff93b7b39a7a0d881e
87dd6a6e76d5d5c73d442449c874c8e547151372048ad1fd292039e1b9276b4c
8831f6ee65c0f911f10c3de69a9cf594f4bc582211a5c954f1d097d84681ec4c
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f11b2bfeb8d53f53f9689942afc81bfac42debe8851f7f38b0a85c9504f6595
9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82
92bfdcca894c5564d57a8a74b493cd4df537a4909157b362abbd9739e71c16fe
93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
96047bac4e4ec348f46f749f124b0f357ed9b72efeb1a64633a7d5137aba9d60
96fa5a340f5114714f2e622979e6b755a823da552883dcdd0329304ef367d549
970b79c6fa17946229d243313cadf52d3eaa768140686c42a772a2c7053bc459
973062a297c40cb6ca1299843ec6f7c05fce8e02a5ac35082c64afa9ea47bfed
98116242c6e7f32ff1c53ef9a1c123c2d7f3e6b34f02721c7468460a2ccd1894
985e4a06420f8c11fd3275789c334b12a66fded63b22944719c3507fe1efa2c8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99a2b818617447dfa6f85d6437bb7736d48b5acb114a1f01b1afa8a4a201e770
9b7b775e82b7d6abe9672956d2108de585040e60065360d9924805c118ffcbec
9cc56b9cf533e555f5fb811caa87bb9517137e81911cc8fc20277a25d1ae81fe
9d8a633f49f73344254aaf97549b037c397addbcf66cb8346406b6fc8c1ae9f9
9ebf656a2d277efb597f3f96c8644ea0aee98bb81951a9c539273159b7208ace
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a652c4c938a30cb1d2035280f3e8993908dc1587d484efe553ee4e7ad82b34ab
a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa21d0ddbc7cb318d1367bab72630267ec09559a269a23672cebf582d36386ca
aac4551f7c4af39a0614508108a3029ac07febc405b0a20ddaa1d9649e48f9db
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ace65488560265e1e0508f4ced6908764a19f68bb735eb03e22b64860e6fbd08
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
affcef1cf5582d4aa43b7a053ad38e4076a343588a84aa3d4588463cda0bc395
b07c264563622bdb1a5a4800ae3448882ee6fb6cdb8e79ffe00e96439a4965e1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a
b4b25207a7c891ee8e5576435f4c4660a1afd792ee6edd0089e4a1fe815021c0
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6322113217b4fac79ad5b27613c9c66d466e67fad90363e743c87df4843acd7
b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22
b7618206e20ad8c415a0879f166e6fbaa9a54fbb70bcf9b3ba027c36aef225b0
b7c02fc4c3011ce2dd5127991d66dcdd40bab846d43c96995aa4145af560158a
bcce076b102ced000f864c0446c19f3998f4331b6dc9d4fbddb771c437514430
bd408a5a042b26302422015b360c781e0a7f49de63198b53acedf20931c90b66
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
bf116e2f9cf5abc67043ef3e9393743268654c40bec396ff4e5fe5be4a9b6cce
c1a416fa981fbbbd500b1d664c7f1e67a1020b02f232aadbcef3fc11bcc46418
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e
c92cab84b44ac37925a00450873a018ac601883a2d6e7a760ea38fdde7671004
c96a1d9e7dd65677035139bcfb4d582451fd433934a1689926808c8be493a8aa
ce3688c50589d1d31479c5023563da96c78ed18f77c248f5a1fd83ae8d81c8fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0a021ee79d92e4df9b07e1df75036b876d352e703d0f19fd506918f866cade6
d13f75258af94187679cd8a64ca79c55aca966bae5af60231f575faaf84d8aa7
d5c5dd87b58e18d27d3ff620493679afd90e79dc698222a821587ea901538ee2
d7ab0f1e31217960c7bcf0bdb822374271344c75aab4da7825505571e7e9035e
d96ccf636ef33b1e9c507b09979dd02b541989d68dc18a83be2cc9e3f275abbf
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc5ad5068a6a326e2b8a3382ac1dca0b67f93f592dee63037a1aab0b2995c8f2
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e299ebc7e9d8ba28f03e84211b2cfb5d292eb455c0bc310522934894a8adc3b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9a3a594fef3383e7b5fc71387a1ed0e81cabe34ca1782cbc5972c03b332cdbb
e9ecd023ea06eff2419484166b4abfea40f10b044a846c999c4857d71b9f2207
ea72fa611b3125470da3b6332b600bed0cb57602887750e8824bb0ed50e6517e
ea9d44babfa4a2cd0031f081fd9381751bee0f7d044ae9254d2b1ce71fa32605
eb92187bc7726534b1d4a2cc0409325cd71ecf285b7c2950b760b2881044189e
ec21994398e4e7f1d779c851963ad73aace7e2448711c582370fa5450bd49804
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f37c5820d6b549fc3690fccc7090de80ab33e4e07ae657cbea324fd9e13a5b48
f54e27d486114ee3dc179d87cccb955f908477e5ad4cef408162e85222d157a8
f819df02ddb929da6a73a2ac384aa3b620c0f06c4c024a191ad78cb0bea22a65
f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787
f9cd038ad10f83db254385078fe940bba6091f1b5a0e39c1f1b5fbc657aea868
fa1c22841b2d731bd4f86827eeb1c9841e22230d3e2ca016f50a621adab365ee
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed639c966edf7aaea1acef6464e9ae51c61b0e58b8119f7bdbca58a8326c760