urlscan.io logo urlscan.io
SecurityTrails logo

www.sltrib.com Open in urlscan Pro
2a02:26f0:3500:12::1730:17a6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baT0WpZw8lNtA4E46bG95ZwjhHaI9ETCVADR2fePQb7p1YV-2Foj8aHQMlILNbu...
Effective URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Submission: On September 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 4 countries across 32 domains to perform 149 HTTP transactions. The main IP is 2a02:26f0:3500:12::1730:17a6, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.sltrib.com. The Cisco Umbrella rank of the primary domain is 176749.
TLS certificate: Issued by R3 on August 25th 2022. Valid for: 3 months.
This is the only time www.sltrib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.52 11377 (SENDGRID)
31 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 35.244.156.29 15169 (GOOGLE)
1 65.9.65.116 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 23.35.237.86 16625 (AKAMAI-AS)
2 142.250.185.66 15169 (GOOGLE)
2 2600:9000:205... 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.35.229.181 16625 (AKAMAI-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 5 172.217.16.198 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
5 10 66.155.71.149 13768 (COGECO-PEER1)
1 1 207.198.113.205 13768 (COGECO-PEER1)
1 66.155.71.179 13768 (COGECO-PEER1)
2 34.196.134.239 14618 (AMAZON-AES)
1 11 151.101.66.137 54113 (FASTLY)
1 64.202.112.31 23352 (SERVERCEN...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.201.71.192 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
3 99.86.4.76 16509 (AMAZON-02)
2 69.16.220.201 32244 (LIQUIDWEB)
2 2a00:1450:400... 15169 (GOOGLE)
3 54.186.23.98 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 99.86.4.96 16509 (AMAZON-02)
1 35.81.202.99 16509 (AMAZON-02)
3 151.101.2.137 54113 (FASTLY)
4 3.135.86.205 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 146.20.128.132 27357 (RACKSPACE)
1 2a00:1450:400... 15169 (GOOGLE)
149 46
1    167.89.118.52 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x52.outbound-mail.sendgrid.net
link.3blmedia.com
31    2a02:26f0:3500:12::1730:17a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.sltrib.com
3    35.244.156.29 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 29.156.244.35.bc.googleusercontent.com
sltrib.coral.coralproject.net
1    65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net
js.adsrvr.org
1    2a02:26f0:3500:586::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
1    2a02:26f0:3500:991::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
2    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2600:9000:2057:3600:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    2600:9000:206f:a800:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
1    2600:9000:214f:4000:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
3    2606:4700:20::ac43:497c (United States)

ASN13335 (CLOUDFLARENET, US)
www.queryly.com
4    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
2    2606:4700:3032::ac43:cb69 (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
5    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net
8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    2606:4700:20::681a:8b (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
10    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-a.basis.net
pixel.sitescout.com
1    207.198.113.205 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
clickserv.basis.net
1    66.155.71.179 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
clickserv.sitescout.com
2    34.196.134.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-134-239.compute-1.amazonaws.com
ping.chartbeat.net
11    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
img.connatix.com
1    64.202.112.31 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
log.outbrainimg.com
1    2606:4700:3030::6815:5476 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
4    2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
id.sltrib.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    35.201.71.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.71.201.35.bc.googleusercontent.com
d.pub.network
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
7    2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
11    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net
js.stripe.com
2    69.16.220.201 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host3.utahdigitalservices.com
local.sltrib.com
2    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    99.86.4.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-96.fra6.r.cloudfront.net
m.stripe.network
1    35.81.202.99 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-202-99.us-west-2.compute.amazonaws.com
m.stripe.com
3    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
ins.connatix.com
vid.connatix.com
4    3.135.86.205 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-86-205.us-east-2.compute.amazonaws.com
capi-tier-1-us-east-2.connatix.com
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    146.20.128.132 (United States)

ASN27357 (RACKSPACE, US)
ssp.lkqd.net
1    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
Apex Domain
Subdomains		 Transfer
34 sltrib.com
www.sltrib.com — Cisco Umbrella Rank: 176749
local.sltrib.com
id.sltrib.com — Cisco Umbrella Rank: 416816
1 MB
18 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 4881
cds.connatix.com — Cisco Umbrella Rank: 5200
capi.connatix.com — Cisco Umbrella Rank: 5280
ins.connatix.com — Cisco Umbrella Rank: 6875
capi-tier-1-us-east-2.connatix.com — Cisco Umbrella Rank: 5506
vid.connatix.com — Cisco Umbrella Rank: 6241
img.connatix.com — Cisco Umbrella Rank: 5932
424 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355
98 KB
10 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8266
cdn.tinypass.com — Cisco Umbrella Rank: 6841
buy.tinypass.com — Cisco Umbrella Rank: 5556
380 KB
9 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
8208269.fls.doubleclick.net — Cisco Umbrella Rank: 448238
8234312.fls.doubleclick.net — Cisco Umbrella Rank: 451533
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
32 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2812
q.stripe.com — Cisco Umbrella Rank: 23470
m.stripe.com — Cisco Umbrella Rank: 2345
84 KB
6 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 5522
clickserv.sitescout.com — Cisco Umbrella Rank: 36710
649 B
6 basis.net
pixel-a.basis.net — Cisco Umbrella Rank: 28446
clickserv.basis.net — Cisco Umbrella Rank: 88369
401 B
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 480
imasdk.googleapis.com — Cisco Umbrella Rank: 456
776 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
www.google.de — Cisco Umbrella Rank: 3469
2 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
40 KB
3 lkqd.net
ssp.lkqd.net — Cisco Umbrella Rank: 33020
1 KB
3 queryly.com
www.queryly.com — Cisco Umbrella Rank: 16338
16 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1628
mab.chartbeat.com — Cisco Umbrella Rank: 3129
25 KB
3 coralproject.net
sltrib.coral.coralproject.net — Cisco Umbrella Rank: 345955
35 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 3015
16 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1356
401 B
2 pub.network
a.pub.network — Cisco Umbrella Rank: 8453
d.pub.network — Cisco Umbrella Rank: 9025
61 KB
2 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 18324
541 B
2 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4265
log.outbrainimg.com — Cisco Umbrella Rank: 2588
787 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
135 KB
2 osano.com
cmp.osano.com — Cisco Umbrella Rank: 10116
94 KB
2 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1474
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3337
72 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1818
c.go-mpulse.net — Cisco Umbrella Rank: 733
51 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
17 KB
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5229
3 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 5861
3 KB
1 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
66 KB
1 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2308
2 KB
1 3blmedia.com
link.3blmedia.com
267 B
0 placelocal.com Failed
tag.placelocal.com Failed
149 32
Domain Requested by
31 www.sltrib.com www.sltrib.com
11 cdnjs.cloudflare.com buy.tinypass.com
8 buy.tinypass.com cmp.osano.com
buy.tinypass.com
cdnjs.cloudflare.com
6 img.connatix.com
5 pixel.sitescout.com www.sltrib.com
8234312.fls.doubleclick.net
5 pixel-a.basis.net 5 redirects
4 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
4 capi-tier-1-us-east-2.connatix.com cd.connatix.com
4 www.google-analytics.com www.sltrib.com
d3plfjw9uod7ab.cloudfront.net
3 ssp.lkqd.net cd.connatix.com
3 q.stripe.com www.sltrib.com
3 js.stripe.com buy.tinypass.com
js.stripe.com
3 cds.connatix.com www.sltrib.com
cd.connatix.com
cmp.osano.com
3 8234312.fls.doubleclick.net 1 redirects www.sltrib.com
adservice.google.com
3 www.queryly.com www.sltrib.com
3 sltrib.coral.coralproject.net www.sltrib.com
cmp.osano.com
2 ins.connatix.com cd.connatix.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google.de
2 www.google.com
2 stats.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
2 local.sltrib.com buy.tinypass.com
2 adservice.google.de 1 redirects adservice.google.com
2 adservice.google.com 8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
2 ping.chartbeat.net www.sltrib.com
2 8208269.fls.doubleclick.net 1 redirects www.sltrib.com
2 analyticssystems.net www.sltrib.com
d3plfjw9uod7ab.cloudfront.net
2 www.googletagmanager.com www.sltrib.com
cmp.osano.com
2 cmp.osano.com www.sltrib.com
cmp.osano.com
2 static.chartbeat.com www.sltrib.com
2 securepubads.g.doubleclick.net www.sltrib.com
d3plfjw9uod7ab.cloudfront.net
1 id.sltrib.com d3plfjw9uod7ab.cloudfront.net
1 s0.2mdn.net imasdk.googleapis.com
1 vid.connatix.com cd.connatix.com
1 capi.connatix.com cd.connatix.com
1 m.stripe.com m.stripe.network
1 c2.piano.io d3plfjw9uod7ab.cloudfront.net
1 cdn.tinypass.com cmp.osano.com
1 d.pub.network d3plfjw9uod7ab.cloudfront.net
1 experience.tinypass.com cmp.osano.com
1 www.npttech.com cmp.osano.com
1 log.outbrainimg.com d3plfjw9uod7ab.cloudfront.net
1 cd.connatix.com 1 redirects
1 clickserv.sitescout.com www.sltrib.com
1 clickserv.basis.net 1 redirects
1 a.pub.network cmp.osano.com
1 mab.chartbeat.com d3plfjw9uod7ab.cloudfront.net
1 ajax.googleapis.com cmp.osano.com
1 widget-pixels.outbrain.com www.sltrib.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 d3plfjw9uod7ab.cloudfront.net www.sltrib.com
1 widgets.outbrain.com www.sltrib.com
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net www.sltrib.com
1 js.adsrvr.org www.sltrib.com
1 link.3blmedia.com 1 redirects
0 tag.placelocal.com Failed cd.connatix.com
149 57
Subject Issuer Validity Valid
sltrib.web.arc-cdn.net
R3		 2022-08-25 -
2022-11-23		 3 months crt.sh
sltrib.coral.coralproject.net
GTS CA 1D4		 2022-08-08 -
2022-11-06		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
cmp.osano.com
Amazon		 2022-09-02 -
2023-09-30		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-07 -
2023-04-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.analyticssystems.net
E1		 2022-08-02 -
2022-10-31		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2022-03-19 -
2023-04-20		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-08-31 -
2023-01-10		 4 months crt.sh
local.sltrib.com
cPanel, Inc. Certification Authority		 2022-08-09 -
2022-11-07		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-15 -
2022-11-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-11 -
2022-10-19		 3 months crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-07-18		 a year crt.sh
id.sltrib.com
Cloudflare Inc ECC CA-3		 2022-07-30 -
2023-07-30		 a year crt.sh

This page contains 18 frames:

Primary Page: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: F8C12BE6BDA79336BDA044AA9B83BBB3
Requests: 92 HTTP requests in this frame

Frame: https://8208269.fls.doubleclick.net/activityi;dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908
Frame ID: 1459A3938C71DDE5FBFB85618C10F72F
Requests: 1 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/activityi;dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908
Frame ID: 2E59334B0CF3610E1A398BC32EB35C27
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 2FBAF4946141379354E2E8F7823D6A33
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: D485B91CD62B8ED107336E615EA2CEEE
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: D7244FA9D9DF2BB6C9F070520BAE68D5
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/180443/connatix.playspace.dc.js
Frame ID: 62D6E953ED2703955D5DC6A271DA8ABB
Requests: 17 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: 27A2E5A9B3F7D98E4DB42FC58DEFB5A9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: 50CF200D733E790681DA0F18918321EC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: 91411AB1B0B6029D35A888132EC9E606
Requests: 1 HTTP requests in this frame

Frame: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Frame ID: D1FF830DCD27019D213C4A92A5080B80
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 6C37DCC324A3AAB5FD2090076043F759
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Frame ID: 0C0025941BC0D149D52FEE2E287BE7BA
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
Frame ID: 6477A9A62645FCBC1E40A0AA84EBCA50
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9F56B58398427EC19ED3DB0B97AB974D
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 2A914EA6395242085763569D5CE6D80C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 5C3E96006D801C0EE17D861D1565EFC7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 86F4EF0DCF0D7D09B6681840735FFE58
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Richest Utah native vows to give away 90% of his billions

Page URL History Show full URLs

  1. http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baT0WpZw8lNtA4E46bG95ZwjhHaI9ETCVADR2fePQb7... HTTP 302
    https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • backbone.*\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

149
Requests

93 %
HTTPS

53 %
IPv6

32
Domains

57
Subdomains

46
IPs

4
Countries

3589 kB
Transfer

12520 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baT0WpZw8lNtA4E46bG95ZwjhHaI9ETCVADR2fePQb7p1YV-2Foj8aHQMlILNbucMrO1ohwbB6vTVfz-2BKIS-2Bp2UTJOQ-3D3mJN_xK1japI3Lshn3uPvI4t5LmGGWY3WhQZ3zBG16HO9d4sCDUzpUc0dybqxoutza8Pr-2BMejf637Zv9LWV0uytbFEw6T7dhINV1uIaoTGI5WvJdUfzLjJX2k-2BB564Aj3GH6SxuDAIjBs6gzsle7Z-2B1xuWjPsYEQfTkXSujfJBwk8D4BpAIhQ-2BT3dPD8tOfs7bsgrnwu697AeGJYaRzX25Tr3YOcmg6bYHIdOVYa9YaZgATI-3D HTTP 302
    https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908 HTTP 302
  • https://8208269.fls.doubleclick.net/activityi;dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908
Request Chain 46
  • https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908 HTTP 302
  • https://8234312.fls.doubleclick.net/activityi;dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908
Request Chain 59
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 60
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 61
  • https://pixel-a.basis.net/iap/dda8255d32e6482d HTTP 301
  • https://pixel.sitescout.com/iap/dda8255d32e6482d
Request Chain 62
  • https://clickserv.basis.net/conv/1ea036853c174e3a HTTP 301
  • https://clickserv.sitescout.com/conv/1ea036853c174e3a
Request Chain 65
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/180443/connatix.playspace.dc.js
Request Chain 74
  • https://adservice.google.de/ddm/fls/i/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/ HTTP 302
  • https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Request Chain 77
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 78
  • https://pixel-a.basis.net/iap/9f30138796dc7a6a HTTP 301
  • https://pixel.sitescout.com/iap/9f30138796dc7a6a

149 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Redirect Chain
  • http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baT0WpZw8lNtA4E46bG95ZwjhHaI9ETCVADR2fePQb7p1YV-2Foj8aHQMlILNbucMrO1ohwbB6vTVfz-2BKIS-2Bp2UTJOQ-3D3mJN_xK1japI3Lshn3uPvI4t5LmGGWY3WhQZ3zBG1...
  • https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
321 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6cf2d695fd4e56e10f58b01bc4b38a3fda47ccbf619b7e4d9867d2568e1d491e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
-1
arc-country
DE
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-type
text/html; charset=utf-8
date
Tue, 06 Sep 2022 16:24:45 GMT
etag
W/"4f000-KEZe57Okj4nCKaSOIsCd16epY1k"
expires
Tue, 06 Sep 2022 16:25:45 GMT
last-modified
Tue, 06 Sep 2022 16:23:40 GMT
link
<https://sltrib.coral.coralproject.net>;rel="preconnect",<https://js.adsrvr.org>;rel="preconnect",<https://www.queryly.com>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://cmp.osano.com>;rel="preconnect",<https://a.pub.network>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://ajax.googleapis.com>;rel="preconnect",<https://cdn.p-n.io>;rel="preconnect"
server
openresty
server-timing
cdn-cache; desc=HIT edge; dur=198
strict-transport-security
max-age=86400
vary
Accept-Encoding
x-akamai-transformed
9 59395 0 pmb=mRUM,2

Redirect headers

Connection
keep-alive
Content-Length
87
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Sep 2022 16:24:44 GMT
Location
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Server
nginx
X-Robots-Tag
noindex, nofollow
main.css
www.sltrib.com/pf/resources/css/ 		113 B
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/css/main.css?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-amz-request-id
MX4JFREDQHESG0GY
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=8
content-length
88
x-amz-id-2
zI6SL80r5QXhtdNTzgS6fZRr0O0qa0BliPZs3WKE9ydfSntVLexImLf4Px4IPdC4FFFnXbkb7FM=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"c07ed12e990cf688bbb98cbc27f198a8"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
carousel.css
www.sltrib.com/pf/resources/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/css/carousel.css?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-amz-request-id
MX4K3FX5WHV3M23Q
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=8
content-length
826
x-amz-id-2
xgkyHynWyt+bEWkUdikxe6cBQA1k6fIIMiM71gKrREkeLOq3VXdz9+lLzj30PvxIqRdJGkjNQ+o=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"a967928dd3b5d82f2d2f613f61699944"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
count.js
sltrib.coral.coralproject.net/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sltrib.coral.coralproject.net/assets/js/count.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
29.156.244.35.bc.googleusercontent.com
Software
/
Resource Hash
305705fc54f335a4cce39cb68ab059e7202c19f0ff03d3336ebd3e6fcdcf0518
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
age
939
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1688
x-xss-protection
1; mode=block
x-trace-id
79019390-2df4-11ed-bb7d-b5e533ad8038
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Jun 2022 14:32:05 GMT
date
Tue, 06 Sep 2022 16:09:06 GMT
vary
Accept-Encoding
content-language
en-US
via
1.1 google
cache-control
public, max-age=1800, s-max-age=604800
etag
W/"698-18143bace88"
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
embed.js
sltrib.coral.coralproject.net/assets/js/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sltrib.coral.coralproject.net/assets/js/embed.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
29.156.244.35.bc.googleusercontent.com
Software
/
Resource Hash
01d6fdcdfb196cb3a9e6d29c26f16be5449973ea5801c8a19812e62edc8b1375
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
age
1096
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17051
x-xss-protection
1; mode=block
x-trace-id
ddf721d0-2dfd-11ed-9d16-93be37042a91
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Jun 2022 14:34:40 GMT
date
Tue, 06 Sep 2022 16:06:29 GMT
vary
Accept-Encoding
content-language
en-US
via
1.1 google
cache-control
public, max-age=1800, s-max-age=604800
etag
W/"429b-18143bd2c00"
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
freestar.js
www.sltrib.com/pf/resources/js/ 		880 B
872 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/freestar.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3b4afadbde544c4bcff673c56233c2aebf3acbe475a895594a0c5c58f2a444a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-amz-request-id
MX4GNS9PZJJQ3173
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=50
content-length
230
x-amz-id-2
0JYoQug8ZYWWGXSx1uthUO1LDUeHAE3/Ngj9iZTy+/uaEaWRisv/+aSNDkm6qmb3vUvaoq9ECNk=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"bea3d0c47bbb5defb8fe4ee310451f0e"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
react.js
www.sltrib.com/pf/dist/engine/ 		267 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/engine/react.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e9ad5095294ab16f4e0f967319567e84e699412d08bdde3986ea4dd21a9825b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
MX4P2GQQ1S9HKXNS
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
83872
x-amz-id-2
JzbOqDXVddcwfJMIM9P+x7AlbmYk+IDD1NAXDCT3EOyU+cHCi7hjFBktPWATF3wUxDj7464XteA=
last-modified
Wed, 31 Aug 2022 15:46:53 GMT
server
openresty
etag
W/"b2c5c2b72393a907c4caabbeb5e54434"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
default.js
www.sltrib.com/pf/dist/components/combinations/ 		3 MB
817 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/combinations/default.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
b4ea7becb73ec15a833c3b07af42d783b6d659be85365d1b7b2a3698d412d3e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
MX4Y21S7X9EN3FZB
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
834266
x-amz-id-2
9U98LS66bZuSIZCqQcLaWR4nAkWuxu4Z/w7E3ERXBj7VzYQfycaIPFCSivWVutK2xXO4q0aIVjA=
last-modified
Wed, 31 Aug 2022 15:46:53 GMT
server
openresty
etag
W/"f394c4a7f4b88b2e9bea0331a13b90ce"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
default.css
www.sltrib.com/pf/dist/components/output-types/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/output-types/default.css?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
faa89869b696a28906e1a4cbc76401428cc2975267b5ab83c605f683a8472406
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
MX4RMTPH3HXCKXFR
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
1418
x-amz-id-2
ImPTz1VWQk1+GI1G/bZZrHslkjmVgmJRfX1rFk5OnZTOcBQSpNchWf5NrHhkyntdybN2b+BWGE4=
last-modified
Wed, 31 Aug 2022 15:46:53 GMT
server
openresty
etag
W/"69b7c25bb75a865cc26ef59b0b9648f7"
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
default.css
www.sltrib.com/pf/dist/components/combinations/ 		222 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/dist/components/combinations/default.css?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a9450e83ec09f4210f388881c236376e6808d1fb46065133d390f7039629f048
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
MX4H8XHZJBQTRAVH
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
30213
x-amz-id-2
lsXNEEI8ZuF/1vNIO7VK+SfWkDeORX7IOYZbU4ULl5+cn9WjZSK4cJzXdERxXFr+CQfGwJG+zGg=
last-modified
Wed, 31 Aug 2022 15:46:53 GMT
server
openresty
etag
W/"5098d91c52a12acc2bc282549792491d"
strict-transport-security
max-age=86400
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
a7e1ce28-5353-4737-87a7-c7be13b28f3c.png
www.sltrib.com/resizer/A-tqhF0IJpMxJCHiHgerOt3lPN8=/60x60/s3.amazonaws.com/arc-authors/sltrib/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/A-tqhF0IJpMxJCHiHgerOt3lPN8=/60x60/s3.amazonaws.com/arc-authors/sltrib/a7e1ce28-5353-4737-87a7-c7be13b28f3c.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3d9215d1b15a3a07cf0bd95f0e8e7eb715671ab34071fb9dc9cbe9c4b0b0c134
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
etag
"e2c95998db39338eaff6e9b0fa3d41d5c062a3fa"
x-check-cacheable
YES
arc-country
DE
server-timing
cdn-cache; desc=HIT, edge; dur=21
content-length
1456
last-modified
Wed, 04 May 2022 19:46:33 GMT
server
Akamai Image Manager
x-edgeconnect-cache-status
1
x-serial
1294
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, max-age=29719913
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
x-datastream-cache-status
1
expires
Wed, 16 Aug 2023 15:56:38 GMT
SRH374HARVDG7J2YDXSTBPPKNQ.jpg
www.sltrib.com/resizer/FjHU5FIaP5eYqU1ogalIniRrZqQ=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/FjHU5FIaP5eYqU1ogalIniRrZqQ=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/SRH374HARVDG7J2YDXSTBPPKNQ.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c1da96c3d42f7caf85fcf6e884d721b8417efd123ac21d75865ce6825d62b30c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
x-check-cacheable
YES
x-serial
1412
arc-country
DE
etag
"c93591ef44afab11dce0c575b3f4a2ddfa4febe2"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, no-transform, max-age=31355212
last-modified
Sun, 04 Sep 2022 14:12:05 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
2752
server
Akamai Image Manager
expires
Mon, 04 Sep 2023 14:11:37 GMT
I2ZSZXWWHRERROCHLPYZMWUBHQ.JPG
www.sltrib.com/resizer/iHoxehEZYWzHUJQn8rA3nX1nlDQ=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/iHoxehEZYWzHUJQn8rA3nX1nlDQ=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/I2ZSZXWWHRERROCHLPYZMWUBHQ.JPG
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
387aa7a6738013f6870e894b7fe403851bc07a70bce38ae776ee2de49cad8c5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
x-check-cacheable
YES
x-serial
1537
arc-country
DE
etag
"e924a5cc4f8e215a384f730fe3fd02b954f09a16"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, no-transform, max-age=31351145
last-modified
Sun, 04 Sep 2022 13:03:59 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
4515
server
Akamai Image Manager
expires
Mon, 04 Sep 2023 13:03:50 GMT
F4UE737FVJCBXCRPIEUSDQHVEQ.jpg
www.sltrib.com/resizer/4csdV-wDAz_S9P3PfCt8t8km_O0=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/4csdV-wDAz_S9P3PfCt8t8km_O0=/111x74/cloudfront-us-east-1.images.arcpublishing.com/sltrib/F4UE737FVJCBXCRPIEUSDQHVEQ.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c338ffbcf46f2e232a2dfc231dd3d99c7b173cf513bbab256eae8d4a3e3ac067
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
x-check-cacheable
YES
x-serial
780
arc-country
DE
etag
"09bbe580ee4835898d3c5e14425350ccbf504bc0"
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, no-transform, max-age=31279405
last-modified
Sat, 03 Sep 2022 17:09:48 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
5216
server
Akamai Image Manager
expires
Sun, 03 Sep 2023 17:08:10 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-65-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 17:37:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
82023
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
on-PODhJ9ird2S9HQ_zzQ5MBlgIHoIqoUUw0U-lpDjl99NHI-NDUpg==
ballantine.js
www.sltrib.com/pf/resources/js/ 		465 B
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ballantine.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-amz-request-id
MX4K8RCZNEZHHQ6Q
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
262
x-amz-id-2
Oh7xTHxX+CrmY13+R4SoqzN3teNwYY7Si32sfkm1ND4sR0QzEDiDqLDciZw0Exa77yapVn2/tqI=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"75f660e0bf36975883d65bcb4206e252"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
sltrib-logo.svg
www.sltrib.com/pf/resources/svg/ 		28 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/sltrib-logo.svg?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-amz-request-id
MX4Y4AT4NBNQ9Z67
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10808
x-amz-id-2
EhPza7UmH0Alh9vHojRE2ZRWUyDpHzsDj117NcsWmDxHZhUhtQcYAb8Oo+1jJ7YTR7J0wdua0F0=
last-modified
Wed, 31 Aug 2022 15:46:53 GMT
server
openresty
etag
W/"25e4e564ed5f244539f01a165c33c5aa"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
trib_masthead.svg
www.sltrib.com/pf/resources/svg/ 		34 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/trib_masthead.svg?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
d7ab0f1e31217960c7bcf0bdb822374271344c75aab4da7825505571e7e9035e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-amz-request-id
X1FWAX4T9DMCBBVT
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10113
x-amz-id-2
fHIZRCVDswxxoWsyeXeiQr/LA88T5ZVby9JypRAVLJ9el11hCB5o+pQpUbty242O6gJulFfhziI=
last-modified
Wed, 31 Aug 2022 15:46:53 GMT
server
openresty
etag
W/"ac682bbc23ad2715870b9244bcf8f9d5"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
s.go-mpulse.net/boomerang/ 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:586::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
br
last-modified
Thu, 11 Aug 2022 08:18:48 GMT
x-n
S
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
73GNBBL2FNBC3KEQ5WXFB2LVLI.jpg
www.sltrib.com/resizer/ygJhj0EIpya2IY2URgIjKencpTg=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/resizer/ygJhj0EIpya2IY2URgIjKencpTg=/1024x650/cloudfront-us-east-1.images.arcpublishing.com/sltrib/73GNBBL2FNBC3KEQ5WXFB2LVLI.jpg
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
22be49ce866a34ae0c3242ea58bd3cedb4084867009cf100e8149d4d0d2eed4a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
etag
"6c6aa7ec1cc6157f41e8cf4d8606d57976a66c48"
x-check-cacheable
YES
arc-country
DE
server-timing
cdn-cache; desc=MISS, edge; dur=54, origin; dur=13
content-length
52785
last-modified
Thu, 01 Sep 2022 17:28:41 GMT
server
Akamai Image Manager
x-edgeconnect-cache-status
1
x-serial
1682
strict-transport-security
max-age=86400
content-type
image/jpeg
cache-control
private, no-transform, max-age=31107871
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Fri, 01 Sep 2023 17:29:16 GMT
truncated
/ 		842 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6&d=www.sltrib.com&t=5541605&v=1.632.0&sl=0&si=b9wju4dunog-rhsqx9&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=634755
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/EQ5PL-TYNFS-SR6UD-ZERFB-E2CY6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:991::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ea9d44babfa4a2cd0031f081fd9381751bee0f7d044ae9254d2b1ce71fa32605

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Sep 2022 16:24:45 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
outbrain.js
widgets.outbrain.com/ 		207 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
650876073a3cf72c3ea5de10fa9f864b6871fabe634f1bc8c9fc9ca9f8db24ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
last-modified
Sun, 04 Sep 2022 10:18:51 GMT
etag
"16-XpJ86s/QAbM1TDQhJd7xobPhkkQ"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
eb4981c69d2533752cb123e4c3acd722
timing-allow-origin
*, *
content-length
72834
google-analytics.js
www.sltrib.com/pf/resources/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/google-analytics.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
72d3bb48505405120796571830ae74c4f871f03a9052d080cde2190aa926b1ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-amz-request-id
MX4W36CFS8AF99GM
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=4
content-length
931
x-amz-id-2
lwAP7rWLD7PoKDuNzyZlN74lRkBLcypy/FwKQV7AmLt99yd2HBfsxUWElXeVuijYzX6sJPxcWLw=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"2615a770e33c9ec8523382d136d1f7e8"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
google-tag-manager.js
www.sltrib.com/pf/resources/js/ 		747 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-amz-request-id
MX4N4GE2P6BTFP1N
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
406
x-amz-id-2
9ebifZrxxFp+ae28Bs5rMEvpEcGAF21H52JXkVi1ty94tirqxDhxC/yEGN4ZrcqLV6RKVkYbhLk=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"d2c8fb2ca910eadf27baa9157fba21a3"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
ba7bbecfafbdaa5c42febcdcc8cff1181eb9a05af145c171fd397665f68a10f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28522
x-xss-protection
0
server
sffe
etag
"1325 / 185 of 1000 / last-modified: 1662462430"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Sep 2022 16:24:45 GMT
chartbeat.js
www.sltrib.com/pf/resources/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/chartbeat.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
b6322113217b4fac79ad5b27613c9c66d466e67fad90363e743c87df4843acd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-amz-request-id
X1FVYPKXXBDR7M1S
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
1314
x-amz-id-2
ZvOYwPb8au8EHiMAMx8Mt1W1TqRWh3g0LiJUPL7dw3xWASmpUMzTUo2hkl+1PIrRwkTKeEUna4k=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"22d3c7b3a6a4b2de423042230a8a3822"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 14:46:55 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
age
5870
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
wuskiQZlcmDCvYTjLG2UFRMheQx_j1FxtYZ3birTAiGPpcEWMSIYwQ==
expires
Tue, 06 Sep 2022 16:46:55 GMT
ad-slider.js
www.sltrib.com/pf/resources/js/ 		730 B
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ad-slider.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-amz-request-id
MX4J5F97PRJGTHS9
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
351
x-amz-id-2
21Q066PGKd+AhVEF1Rueyl2Xvbh+NtXUYydAkGUVtWI3W/ONaIbXbIJl4yezCeMcF72mi3jNTmA=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"c1aae5ed5833503095f1c285308e8ac3"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
ad-blocker.js
www.sltrib.com/pf/resources/js/ 		694 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/ad-blocker.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
MX4P4G037JCA7DMR
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
394
x-amz-id-2
KY0LfB3H6OXiw5KZCZsRX85aSVKI4mimxh9j/mUmpfrXp4qNZsUb2z4DUfxVd3uVisURTgjKlh0=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"8400f83f0cc8263a503add31576d1164"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
piano.js
www.sltrib.com/pf/resources/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/piano.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f98b036fe5c18078c10069bddcfa1436e7726ac0adc3cb05699b2a07d7112ba6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
MX4S8XSHGX2VXMA6
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1354
x-amz-id-2
k5iO6MGeYwtZhW1oflIbTGx8GP9LUCPS8/IVWLp+LobYIZoZp9bnNtomJHqO0ZwJWF6wO/5LW84=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"f1e0b652d86e7f37dc230b98f7253458"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
osano.js
cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/ 		406 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ba7b216d6e5a6306668821f071831022c7205627e881f2214659b36b7bdced6a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 15:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
4061
x-cache
Hit from cloudfront
content-length
94832
x-xss-protection
mode=block
last-modified
Tue, 06 Sep 2022 15:06:30 GMT
server
CloudFront
x-frame-options
SAMEORIGIN
etag
"6dc4690957b735e27e900a4967bab205"
strict-transport-security
max-age=2592000
content-type
application/javascript; charset=utf-8
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
wL_nStueglv6WPV5E4CJo-kQsvjADxOrGZ6n000Kbvo8sn59YoZhqQ==
8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
d3plfjw9uod7ab.cloudfront.net/ 		250 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
220832d32395cd530c8ae99da60e01530d9c50085df4beb88ee89baafe565a4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
iRdXlQSK1ZeHKBjZfQckYBSQF5JQ_T9b
content-encoding
gzip
last-modified
Thu, 14 Jul 2022 18:51:53 GMT
server
AmazonS3
age
1794
etag
W/"ea7ae9b6a7cf8462226ab5cf71efd0ed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
date
Tue, 06 Sep 2022 16:24:45 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
JFkM4pLf2-ZFnZl5ghPFCEHabFLch7lEUYpTHDpJw-EddXylsjSvYQ==
facebook.js
www.sltrib.com/pf/resources/js/ 		846 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/facebook.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
MX4RT4X3B5N2QFBZ
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
441
x-amz-id-2
FcZ4RfCjcH8WTtYjmj5gPwaGz8LBbULil5udGaUAGnKGBUMi7aKatAPZ8MuTkhPmRIR3QtJVQpI=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"88ccd8266f9a877f78c9ea893d8b8afd"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
twitter.js
www.sltrib.com/pf/resources/js/ 		805 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/twitter.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000
x-edgeconnect-origin-mex-latency
83
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
etag
W/"5a2f1dc2518862e9d5beed543cee9f82"
x-amz-request-id
MX4S3SE4KDKH8SQ2
x-edgeconnect-midmile-rtt
17
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
428
x-amz-id-2
VpjgnDCOzPtmR5h77DNUmOcHyyVGUzyPMHLs1/u9vbV+0Zv/E4ETdAc9mAHQqe9j4c3BsAA0Fmo=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
x-edgeconnect-cache-status
3
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
arc-country
DE
expires
Wed, 06 Sep 2023 16:24:45 GMT
queryly.v4.js
www.queryly.com/js/ 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/queryly.v4.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3db1711b708e98ad42b7764a019342259e8c5c8fd4d4602fadd8e28b69f0200a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1065
x-powered-by
ASP.NET
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
last-modified
Thu, 11 Aug 2022 16:00:33 GMT
server
cloudflare
etag
W/"80a6a27c9badd81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZsjSjoTBShL6wdSqru8JB4taBFOKxfifhtgsj4oMQi2cSpfwDoNTOPLvtHGSQPUJ03iv0CHFq4H8VTBRWFbsosn2rFtMbl1FzoxagNkTAUt8ETgVJCFdtx%2B46GDjPvuYEWfAVmc3tW2teTIYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
74688e83f82a698f-FRA
access-control-allow-headers
*
queryly.js
www.sltrib.com/pf/resources/js/ 		137 B
790 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/resources/js/queryly.js?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
aa21d0ddbc7cb318d1367bab72630267ec09559a269a23672cebf582d36386ca
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
MX4W3V6S4DTTK09C
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=13
content-length
137
x-amz-id-2
D3Zuy6T6kz/T1+9BwHe2KhgsXv2WEy3q0ur9qTDWs1nQyyEYqPz6zA6/79ROflP0ImtMTl9GdmM=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"6f71954a503275c7a33c5069434fddb5"
strict-transport-security
max-age=86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:45 GMT
sltrib-advanced-search.js
www.queryly.com/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/sltrib-advanced-search.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7c207b3ed9feda70543fb75e8d0172f262a909522db37f7e3e22249a075a2760

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
765
x-powered-by
ASP.NET
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
last-modified
Wed, 05 Jan 2022 20:39:51 GMT
server
cloudflare
etag
W/"8052163742d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eB2DO0NyifpLBv9Dc9YEHkCP8RfSnvSXl8lDQUonibQyjnzL4Du48FjnpXKvG%2Bxz8zmZh7IjOVUyGuROdh%2Fd2Kpv%2FOycnkc7XvnTzHbW3NPgQBDGoDTMJuTp1B2HFW6d%2BpF0XkDMxYzr1vyI0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
74688e83f82c698f-FRA
access-control-allow-headers
*
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/google-analytics.js?d=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4965
date
Tue, 06 Sep 2022 15:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 06 Sep 2022 17:02:00 GMT
gtm.js
www.googletagmanager.com/ 		179 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJJTW7K
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/google-tag-manager.js?d=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
991986e0805c65510fb34a80b27fd9322295700b94bc29ef1c4634a65d5e092e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63317
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Sep 2022 16:24:45 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/resources/js/chartbeat.js?d=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 14:52:34 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
age
5531
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
nD5rTETaFqw3csZ_KbkAjqCWDSAEgTObzcmCLxtE9rtcNgaLMknUtw==
expires
Tue, 06 Sep 2022 16:52:34 GMT
d3d3LnNsdHJpYi5jb20=
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LnNsdHJpYi5jb20=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 16:24:45 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=22939
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
de634d6b94eb5c4ea2c281f9de3aa105
Content-Length
15
Expires
Tue, 06 Sep 2022 22:47:04 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:45 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Thu, 06 Oct 2022 16:24:45 GMT
8d82a4d3-a206-4e49-9c15-68d5c36aa42e
analyticssystems.net/api/v2/client/impression/ 		0
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/client/impression/8d82a4d3-a206-4e49-9c15-68d5c36aa42e?rand=297348&referer=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4htQ9iZ%2BtI%2BoiE2jY6N8JNXM61I6lFB4I7V3BU6IW3KsMfEBQ7WcezNO6kuHZDQtpXZye4QcazOBDdxYFspEaqD3pf2tLgzgaVSzMzfU9WNr2IqlNCLVdAYfaSs6DdFiq2jhjblXsi5ancMMChLo%2BWUig%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74688e856a33bb55-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxJSGmJsuaGdAs0CtMkS
9435f6e7-15bd-4b66-8d26-df1921144b57
https://www.sltrib.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/9435f6e7-15bd-4b66-8d26-df1921144b57
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
ppub_config
securepubads.g.doubleclick.net/pagead/ 		288 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sltrib.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
6a505a2b7124eb5116121cac2dfb5aaaf44fcdeb0596efadcea9a74cd9544400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145
x-xss-protection
0
expires
Tue, 06 Sep 2022 16:24:45 GMT
activityi;dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908
8208269.fls.doubleclick.net/ Frame 1459
Redirect Chain
  • https://8208269.fls.doubleclick.net/activityi;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
  • https://8208269.fls.doubleclick.net/activityi;dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
527 B
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8208269.fls.doubleclick.net/activityi;dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f198.1e100.net
Software
cafe /
Resource Hash
52eafba1583472b19d8a21174e9927f283f21d7525838e9c20a3730f88051812
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 16:24:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 16:24:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8208269.fls.doubleclick.net/activityi;dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908
8234312.fls.doubleclick.net/ Frame 2E59
Redirect Chain
  • https://8234312.fls.doubleclick.net/activityi;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
  • https://8234312.fls.doubleclick.net/activityi;dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
527 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8234312.fls.doubleclick.net/activityi;dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f198.1e100.net
Software
cafe /
Resource Hash
855bf45f4e9eb52b5d040f57f8860d7c6ccd7832900b58400c7d3c3ed2d8f320
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
405
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 16:24:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 16:24:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8234312.fls.doubleclick.net/activityi;dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
whitecloseicon.png
www.queryly.com/images/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:45 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1065
x-powered-by
ASP.NET
content-length
816
last-modified
Thu, 11 Jun 2020 23:20:57 GMT
server
cloudflare
etag
"d7046f64640d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdLkFc21yLROek4GfiOpCs5%2BAqqSumbCEd2fUQF%2FRyW0VmHx1z0bdVDLo4nW3hnR4%2Faiu4t7YB4kgrhR1HkVwZrg2nba2Pk4hxoXwu89xTjskLVrYrlAAkwGTT2qAdrB6BkE1p0oFRTU6Ci8jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
74688e863b9d698f-FRA
access-control-allow-headers
*
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 11:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 11:05:05 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		197 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=sltrib.com&domain=sltrib.com&path=%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7582354aac0b69ddb4805d6c6a5aa500bd1ea1419d1e9180ff7ec248aa75a538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:45 GMT
content-encoding
gzip
x-cache-hits
1
age
2799
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
155
x-served-by
cache-hhn4059-HHN
access-control-allow-origin
*
x-timer
S1662481486.843224,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 04 Sep 2022 15:38:07 GMT
/
cmp.osano.com/ Frame 2FBA 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21480
content-encoding
br
content-type
text/html
date
Tue, 06 Sep 2022 10:26:46 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
x-amz-cf-id
jHyEeaWeENfSOD1Bibs9G36mR_ZV7JF_TvRkrK59h2iebi6ivqe1fQ==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/webp
pubfig.min.js
a.pub.network/sltrib-com/ 		144 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/sltrib-com/pubfig.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f41c74991f832df75862a53468fd4125847bfa3ed7fd898c70955f56a109593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash
crc32c=qkWmGg==, md5=qQtPVVWDRiprKGk2+SLPow==
date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
346803
x-guploader-uploadid
ADPycduEN-O7SwLKxrzTaVn1EMpF71Au2ZhBV8FLi32ZtAdNYoUQO6zwvYBPTukSErb5EB2jzfxbLVJEW6Ku5WWukzZ6yQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 31 Aug 2022 22:47:43 GMT
server
cloudflare
etag
W/"a90b4f555583462a6b286936f922cfa3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmGm3NtcmA0UhIpuDgK7qv%2BpIqRfAGQb76Gc8oknaUB1fjmgVo%2FXiiub5h0stsAVNj4dPOyVgc7LHL6Zz9B0BRwKjxsaj%2B2o6YV8OUAoHavMAnfNxOzgYAnzx0aFi8s4jsayTVHYJO9cdao%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1661354908358736
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
147314
cf-ray
74688e8848b9bbaf-FRA
expires
Fri, 02 Sep 2022 16:05:43 GMT
coral-comments
www.sltrib.com/pf/api/v3/content/fetch/ 		21 B
444 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/api/v3/content/fetch/coral-comments?query=undefined&d=306&_website=sltrib
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/dist/engine/react.js?d=306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
-1
date
Tue, 06 Sep 2022 16:24:46 GMT
server
openresty
arc-country
DE
etag
W/"15-/6VXivhc2MKdLfIkLcUE47K6aH0"
strict-transport-security
max-age=86400
content-type
text/plain; charset=utf-8
x-edgeconnect-cache-status
0
cache-control
max-age=0
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
server-timing
cdn-cache; desc=HIT, edge; dur=58
content-length
21
expires
Tue, 06 Sep 2022 16:24:46 GMT
arc-single-story
www.sltrib.com/pf/api/v3/content/fetch/ 		30 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.sltrib.com/pf/api/v3/content/fetch/arc-single-story?query=%7B%22articlePath%22%3A%22%2Fnews%2F2022%2F09%2F04%2Fmoral-imperative-overflow%22%7D&d=306&_website=sltrib
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/pf/dist/engine/react.js?d=306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c41306714d2e4215494e69b0c308709cf70e7e4eb5bb5dfa02cee392bb8a44db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
If-Modified-Since
1662481151289
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
251, 251
date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 16:19:11 GMT
server
openresty
arc-country
DE
etag
W/"77e5-BgTejT4J0eTbKi/nzJM+h8OtduY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=283, origin; dur=46
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
strict-transport-security
max-age=86400
content-length
7938
expires
Tue, 06 Sep 2022 16:24:46 GMT
menu.svg
www.sltrib.com/pf/resources/svg/ 		222 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/menu.svg?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
YBWWMSS1RD41HVPH
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=17
content-length
188
x-amz-id-2
m97RMixxR2EbkNfuCzx4ZqStVc0GTZ/zxyxa3ANba+hatWH+P6ASaW88PgwcN+gHdUut7/2AGTk=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"2ad563e730ce63c718f6dbed5962a52a"
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:46 GMT
search-black.svg
www.sltrib.com/pf/resources/img/ 		562 B
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/img/search-black.svg?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
8f850627aa46412b56450f99c309fbfa8786f65a46b59746223cc135e2535b46
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
gzip
x-amz-request-id
CB8HV9FAETMPQ0QY
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=23
content-length
341
x-amz-id-2
BO8hyXYlbP4F5hpi3HN38wpUAHKj0GPHYFcAMM/oI4VViR+ieOtPmLYjQ2+fZA1M8QZskU+GEKI=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"e3b2768d3f06bb7e6e903817ba832bf1"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:46 GMT
Trib_masthead_top_000000.svg
www.sltrib.com/pf/resources/svg/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/Trib_masthead_top_000000.svg?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
gzip
x-amz-request-id
YBWTS8ZQBQG06JKK
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=17
content-length
4810
x-amz-id-2
y8SHHTStPgbbBtzFIF4ec9vYUVSk02QHspjOx33mukzOe+iHd3TG2p1kK/bOxAYGAdZ1Kky2Yg4=
last-modified
Wed, 31 Aug 2022 15:46:53 GMT
server
openresty
etag
W/"0a6e5f60fd6a9d23f560d424745802f9"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:46 GMT
person.svg
www.sltrib.com/pf/resources/svg/ 		291 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sltrib.com/pf/resources/svg/person.svg?d=306
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
gzip
x-amz-request-id
YBWZ4M4AEBH5WJ9R
arc-country
DE
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=14
content-length
222
x-amz-id-2
kzcAbZio5/u2S79D+oE5TaLkSyje6f+xhgc1j1nOFRnpz5mw08/qN9WREA2MwuQFjbt63HCnUMc=
last-modified
Wed, 31 Aug 2022 15:46:52 GMT
server
openresty
etag
W/"0b49da62bedb71c6594b7421f72768e1"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
expires
Wed, 06 Sep 2023 16:24:46 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame D485
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Tue, 06 Sep 2022 16:24:46 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
asyncPixelSync
pixel.sitescout.com/dmp/ Frame D724
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Tue, 06 Sep 2022 16:24:46 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
dda8255d32e6482d
pixel.sitescout.com/iap/
Redirect Chain
  • https://pixel-a.basis.net/iap/dda8255d32e6482d
  • https://pixel.sitescout.com/iap/dda8255d32e6482d
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/dda8255d32e6482d
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:45 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/iap/dda8255d32e6482d
content-length
0
1ea036853c174e3a
clickserv.sitescout.com/conv/
Redirect Chain
  • https://clickserv.basis.net/conv/1ea036853c174e3a
  • https://clickserv.sitescout.com/conv/1ea036853c174e3a
43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clickserv.sitescout.com/conv/1ea036853c174e3a
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
66.155.71.179 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-type
image/gif
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://clickserv.sitescout.com/conv/1ea036853c174e3a
content-length
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sltrib.com&p=%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&u=CsUJLXDt9rOpDk5yB7&d=sltrib.com&g=65212&g0=News&g1=Peggy%20Fletcher%20Stack&n=1&f=00001&c=0&x=0&m=0&y=3705&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1583&t=Dmed0SCPJL3oYnO6Nr5jfFClp_39&V=136&i=Richest%20Utah%20native%20vows%20to%20give%20away%2090%25%20of%20his%20billions&tz=0&_hottopic=&sn=1&sv=D6QYnBoaZFHDIseDgvxQjyB9OjB8&sd=1&im=067b2ff3&_
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.134.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-134-239.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:46 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
js
www.googletagmanager.com/gtag/ 		203 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DC2TJEE08T&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50f0a3cbc5da185ccf818b599a8a6b0571c520465ad0a830f4d7b3833770241b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73973
x-xss-protection
0
expires
Tue, 06 Sep 2022 16:24:46 GMT
connatix.playspace.dc.js
cds.connatix.com/p/180443/ Frame 62D6
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/180443/connatix.playspace.dc.js
993 KB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/180443/connatix.playspace.dc.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0f1928c0a2274141ca7ba973c6098bb259a335c6ecc1969fed7ce92fea6a744d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
last-modified
Tue, 06 Sep 2022 13:02:19 GMT
age
11991
etag
"4a8ab99c99f1c747017180ef559d1765"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
231019

Redirect headers

location
https://cds.connatix.com/p/180443/connatix.playspace.dc.js
date
Tue, 06 Sep 2022 16:24:46 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1662481486236&sessionId=0ca356fc-c910-11c2-0a25-de7de6b5ec29&url=www.sltrib.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.31 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 16:24:46 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
8eb1ebc1363d2b665525864828cc8b33
Content-Length
4
Expires
0
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
562
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
W21G5BEW7RCCHDT7
x-amz-id-2
Zu6ILWClLDymSszCekw1FgRgMXhY9/GZQ0NEsF2aH+IaAnsD6k2rY0pXHao7xZEqORbyGvE2I48=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czynt3Pgpx1LMH9gwc61f3JTxxp%2FplDmFRx%2B%2BrvF2np0hBz2Dda%2FjWG4LVrZSAtaAFPNgwvZ1i%2B0VZIUD%2FomWHHit5cypplInaxmobS7Q55F0aJh5y7VxskK1Y0JN%2BsjuegH58ASEEscG6iPWfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
74688e894f9e68ef-FRA
load
experience.tinypass.com/xbuilder/experience/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=vxCIN3E3cT
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80829916dd7461f45b5709b63546ac24d8542434932a530ba5b6833857e91a76
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
3578
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mw5oshrMxWM
wn
prod-exp-10-0-132-165
last-modified
Tue, 06 Sep 2022 15:25:08 GMT
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
74688e894c419016-FRA
expires
Tue, 06 Sep 2022 16:54:46 GMT
/
adservice.google.com/ddm/fls/i/dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib... Frame 27A2 		526 B
873 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Requested by
Host: 8208269.fls.doubleclick.net
URL: https://8208269.fls.doubleclick.net/activityi;dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf3929157d670f667a9bb26cde627336484607dfc6d14205d3ebaf20327eb96c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8208269.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 16:24:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
adservice.google.com/ddm/fls/i/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib... Frame 50CF 		526 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/activityi;dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b6c3d07d92d112790d9841c3530d6c59ed74684ed7242c3ce5b9418ecf2cc2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8234312.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
405
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 16:24:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
init
d.pub.network/v2/ 		73 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=2607&env=PROD
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
b3f88ad1f01a66d7cb30dc2f5754b2f0eecaf5dace58c8537c4d990c1c44daf4

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
/
adservice.google.de/ddm/fls/i/dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.... Frame 9141 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMSGpJPKgPoCFYiZGAod8EkCiQ;src=8208269;type=sltri0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 16:24:46 GMT
expires
Tue, 06 Sep 2022 16:24:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
f4c59997-cc4a-4338-a2ed-b7bc15553f6c
https://www.sltrib.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/f4c59997-cc4a-4338-a2ed-b7bc15553f6c
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
/
8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www... Frame D1FF
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www...
  • https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=htt...
845 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f198.1e100.net
Software
cafe /
Resource Hash
b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
506
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 16:24:46 GMT
expires
Tue, 06 Sep 2022 16:24:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 16:24:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tinypass.min.js
cdn.tinypass.com/api/ 		324 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b10e6c3a812d3cb7081fa6014bc5aa6f8fbee831adbddc5df3bb5da8e1ac05
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10167
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FTENNF2W9JTHT1EC
x-amz-id-2
u+p3E033UqXBFtqvquHlAv2svBESENHf5zhBeHr+E8KqvJ8slOkwyuYshrKjBo8Fni3YVm8Ab6o=
last-modified
Mon, 05 Sep 2022 08:19:40 GMT
server
cloudflare
etag
W/"799d3dd9a4843df3fe80c8bbaa685990"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
x-amz-version-id
iTF4N7Ez6s3srL2g2fa0GHN8xp7UIlFP
cf-ray
74688e8a3d409016-FRA
expires
Tue, 06 Sep 2022 20:24:46 GMT
hls.29b1ff4c2227d65c148f.js
cds.connatix.com/p/180443/ Frame 62D6 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/180443/hls.29b1ff4c2227d65c148f.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
last-modified
Tue, 06 Sep 2022 13:02:20 GMT
age
11907
etag
"6afc7b7af39473a7dafdce3cf56dbd12"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48331
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 6C37
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Tue, 06 Sep 2022 16:24:45 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
9f30138796dc7a6a
pixel.sitescout.com/iap/ Frame D1FF
Redirect Chain
  • https://pixel-a.basis.net/iap/9f30138796dc7a6a
  • https://pixel.sitescout.com/iap/9f30138796dc7a6a
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/9f30138796dc7a6a
Requested by
Host: 8234312.fls.doubleclick.net
URL: https://8234312.fls.doubleclick.net/ddm/fls/r/dc_pre=CKKIpJPKgPoCFVgRewodKqEO2Q;src=8234312;type=saltl0;cat=websi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8942131539189.908;~oref=https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8234312.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:46 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/iap/9f30138796dc7a6a
content-length
0
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
410 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=vxCIN3E3cT
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c875aa15f9b7c057d93a44931cc4518fa89641cda38843c434f102c6f9afe40d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MaxqshrvU3i
pragma
wn
prod-dash-10-0-114-196
last-modified
Tue, 06 Sep 2022 16:18:03 GMT
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.001
cache-control
public, max-age=1200
cf-ray
74688e8afe659016-FRA
expires
Tue, 06 Sep 2022 16:44:46 GMT
execute
c2.piano.io/xbuilder/experience/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=vxCIN3E3cT
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6f752800c0ade3a40f24bf1abfbda4144daf62e3310cbe1bb99fbcc28106150
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
v2ltn5nkep
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.sltrib.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
74688e8b2c6691e9-FRA
8fe91889-b61b-4813-b65c-b8beb7404bcb
https://www.sltrib.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/8fe91889-b61b-4813-b65c-b8beb7404bcb
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
8d82a4d3-a206-4e49-9c15-68d5c36aa42e
analyticssystems.net/api/v2/alerts/net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analyticssystems.net/api/v2/alerts/net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmQsZOJ%2FP3IYN6nA%2Bzo%2FVdEzKCp5uofykaUKaGBEBmcSvOlOOoOq%2Bcq62uD49yX3G21YsKcQgi89nN1VseDpgQYNcgK5piorC41c4EbbWu25w2dHIKw6OZHUWmtx3liDako6Vi7rzq5Yv9v%2Bh9bLcpPQyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
74688e8b99c19012-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FxJSGp2pwV_WB0MAZiWB
show
buy.tinypass.com/checkout/offer/ Frame 0C00 		611 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09c4ec5323f99cb59c0eecb9c263881c9b883eead9caa349f5dc448de639b19a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
74688e8c5a956973-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 06 Sep 2022 16:24:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
no-cache
server
cloudflare
server-time
0.041
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-128-77
x-forwarded-https
on
x-request-id
MaxqshrNkrw
x-xss-protection
0
checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame 0C00 		304 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68326de2e78eee8040cc7dc6181ca15a8e16ca1951aab55899caeb9ac01952df
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2966
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-123-85
last-modified
Mon, 05 Sep 2022 15:19:44 GMT
server
cloudflare
etag
W/"311725-1662391184000"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/css
server-time
0.000
cache-control
public, max-age=7200
cf-ray
74688e8d9c9c6973-FRA
expires
Tue, 06 Sep 2022 18:24:46 GMT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 0C00 		65 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=14.264.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f30edfff18f6ab829328a8320017953bcdeece5bc1c9420ce63ec13313ee49d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10166
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-81-85
last-modified
Mon, 05 Sep 2022 01:55:20 GMT
server
cloudflare
etag
W/"66541-1662342920000"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=UTF-8
server-time
0.001
cache-control
public, max-age=86400
cf-ray
74688e8d9c9e6973-FRA
expires
Wed, 07 Sep 2022 16:24:46 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 0C00 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
428246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdVtrB7eNxBfbFtQUYcLI2%2FhtEnOw7bTWM2AVFz41%2BLa0Xl62d9saG8b2TcI%2BrMuX2bWWrECt51PE%2BRXgpUBDMSffFo1U5b7B3amtcTbY4Ik8KwSEkCB0ypbg5N0FE2%2F4c%2F44%2FyuocY%2FdGJeC40rnVUl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74688e8db93891fc-FRA
expires
Sun, 27 Aug 2023 16:24:46 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 0C00 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4822284
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRKFUzvPAYsQB3zvBtkHFv9ftqhKh68uqJ%2BXYGFIXv2IqGafhvwiZLi8KNb12JgvqW5zZVC3c5vZQXTo0gNCewlSqW9%2F6CjXg%2BPcOjmpVL88%2B%2FMG1vTAL4SAZDZ1PXqTlkPrDc6lfcB7nPFgwzmj%2FGKc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74688e8db93a91fc-FRA
expires
Sun, 27 Aug 2023 16:24:46 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 0C00 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1120028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xMVQDBiCOr%2BeXZnZ74XxRvCMLNd4R%2FPpr4bsn%2FFCTgKLprJL11vE469OHu8ut7NKLvB%2ByfVpLm3Ea8AuVpWE71JsxpgSV7a1A79%2Btdgx9Q%2BnNmuuJwJKY4%2FFDvwazjfmiK7mZec31niCLj6LhKRs%2FT7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74688e8db93b91fc-FRA
expires
Sun, 27 Aug 2023 16:24:46 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 0C00 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8977436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cnng8xKvQ%2BH2vw5Eovo8GYQPt1O%2Fpl3FFcMzx0AdJ2z%2FatD2lyZW7ESmevn575LuIIm%2FqwbLla50g1iX6Db8Q844g%2BUZNafTcA5P%2F5fKnjptnT2BuKxsQER3lTDKoe4WEFZxDgal5CH%2FX0jpEy7ZxHhP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74688e8db93c91fc-FRA
expires
Sun, 27 Aug 2023 16:24:46 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 0C00 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6697664
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roXVRnQe7xFxKf95KsGb9kKkIuzj2B1wIqCjDZYMKl%2BWZm7dKIW3kR5D3s4NXEKv%2Br54gZeEhpKjG7uVGumLOG4Kn8aNY8HE8%2BllmASTdbRmdk6%2ByhfFZ4AH1YOAT5UaR3QggIu%2FQCxeK3pcWeIi4j%2Ba"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74688e8db93e91fc-FRA
expires
Sun, 27 Aug 2023 16:24:46 GMT
angular-touch.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 0C00 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-touch.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3524267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1321
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-ce0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtFf3QH7lc2P1aMC9KnpMnPNPtLQAi0kmBelPcBLtNFxqMScCzW%2FCSoALe4vsCnLiYQ8JL6mPcQgXgbDX2meEU1yF3725WbRJ8H48B87xdgia4ar0E2Rvfbhkt2e1OKYJU%2BWRpPAyccZmppQct7vt%2FBB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74688e8db94091fc-FRA
expires
Sun, 27 Aug 2023 16:24:46 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 0C00 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6697170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5cgQQ%2Bbhy%2B7IOYnwNqA4PpDnnKg%2Fl5rvtQubYL5CZmW7pJwaJttHfKaMS6kZR8hEPkNyK%2FedsFmAa9eYTucwFOKEh9SacB7mIkMtSZK%2F2qcBG5ZkywVXE0soCkPXQkkFasbXAJZTu84AS7CrD74qCN7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74688e8db94291fc-FRA
expires
Sun, 27 Aug 2023 16:24:47 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 0C00 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
430222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7JJtZi9VmwMjlOpsbMA9REOo1DIcV2VGsaQXbMlvNlmLB2wXrrcV7gXFzGs5ef6HzHXH6d72kAwH6W0RO56U9NxzdEgn51%2F%2B1AdUqb3kaI7JZH3bewZ5QHgahV1jT2i8jnWaphX954V1CtuM%2FZC1IBL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74688e8db94f91fc-FRA
expires
Sun, 27 Aug 2023 16:24:47 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 0C00 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5336555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2OjuhGWo3jTIpvGRDh%2FrP4yOptuMykjJ6M3jxntArxgoADuUi8Aw0VemDWAtFY%2FuiEDmV3zS3vTqEAKdvdPyR9BemmUXHJ362sYrKHaoyRnPWYzl4sMRpkKWd30VW7OyQt4qn%2Fcw58kOwdJ%2F1zsDxVw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74688e8db94e91fc-FRA
expires
Sun, 27 Aug 2023 16:24:47 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 0C00 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1703709
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2IwtDD3pMoVs8XBNIynPxg6GcYIVuCSRFtQkUfwEVN4kKWrIwOym2b1UJtR0YMI7JiDxUEmc1ZT4IkO0whV21sZ3U6uZkMuTs2bMSgxfS3E8uLlj1KWzxn99GJM2sfnFXoVzMG0K8M2FoJsphB3NfK6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74688e8db94c91fc-FRA
expires
Sun, 27 Aug 2023 16:24:47 GMT
anime.min.js
cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/ Frame 0C00 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/anime.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2322733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6344
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-4377"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDIOctvvJyypq0C0vkpm%2FW9Rdl%2FM%2ByMRDIQtYoOpAGZ0GrH0LxISRQ8K3U7JjAJjU1MNDv6STKOpcg69E1fyQrWwswOmU1mcCegmiDSsuCyPvTpVEUgRe4Hs7Mjlf3PnpdKNTY10Itt%2BQx7Mb1pJjDRa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74688e8db94391fc-FRA
expires
Sun, 27 Aug 2023 16:24:46 GMT
/
js.stripe.com/v3/ Frame 0C00 		327 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5c1a97171b0ac89a0ba20428ba069f1db2fcdb96280b99f991fcffe743eca72e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
8
x-cache
Hit from cloudfront
date
Tue, 06 Sep 2022 16:24:47 GMT
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:27:27 GMT
server
Cloudfront
etag
W/"c60bded5fc23fe5642fa6fa5eed6fe25"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
BYXvzraffLjEkO0eHAonIIrPMb779P9ycLooI5PLSeP-Ig4J9pk2tQ==
H4sIAAAAAAAAAD3IMQ7CMAwAwA_hmCSt1B0xsDCxV6ljlRQ3kXAMPL8bNx5-S165Yy7akZ5Mr2Yd9pZNGDdFMu1th8VqFnaf3-V2j9dIjxl8GM_RD1McTyhlUUx1NUlv8C64ELD4qf5PGiXhmSuYuk0PjPMdMnYAAAA
buy.tinypass.com/_sam/ Frame 0C00 		623 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IMQ7CMAwAwA_hmCSt1B0xsDCxV6ljlRQ3kXAMPL8bNx5-S165Yy7akZ5Mr2Yd9pZNGDdFMu1th8VqFnaf3-V2j9dIjxl8GM_RD1McTyhlUUx1NUlv8C64ELD4qf5PGiXhmSuYuk0PjPMdMnYAAAA?compressed=true&v=14.264.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c37ae406fb7482d4272fdad17a3dc6ccfa9b0dfc3bf06ee6636855ed0eb382b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1211
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-128-77
last-modified
Mon, 05 Sep 2022 15:29:38 GMT
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/javascript
server-time
0.003
cache-control
public, max-age=603589
x-optimized-by
_sam
cf-ray
74688e8d9ca06973-FRA
expires
Tue, 13 Sep 2022 16:04:35 GMT
sltrib_masthead_new_subtext_white.png
local.sltrib.com/marketing/ Frame 0C00 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://local.sltrib.com/marketing/sltrib_masthead_new_subtext_white.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host3.utahdigitalservices.com
Software
Apache /
Resource Hash
99864675faf8dea302b09f4905d80f32a6ca510c9b1118d2692e0df0241c637d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
last-modified
Thu, 24 Dec 2020 18:51:09 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
28188
expires
Thu, 06 Oct 2022 16:24:47 GMT
trib_logo_white.png
local.sltrib.com/graphics/ Frame 0C00 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://local.sltrib.com/graphics/trib_logo_white.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.220.201 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host3.utahdigitalservices.com
Software
Apache /
Resource Hash
1a5414e59027131d5ac994ba4fe4386b491145f34e86c9ffe90fb7ea968bcf0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
last-modified
Thu, 13 Feb 2020 21:57:37 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9584
expires
Thu, 06 Oct 2022 16:24:47 GMT
embed.js
sltrib.coral.coralproject.net/assets/js/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sltrib.coral.coralproject.net/assets/js/embed.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
29.156.244.35.bc.googleusercontent.com
Software
/
Resource Hash
01d6fdcdfb196cb3a9e6d29c26f16be5449973ea5801c8a19812e62edc8b1375
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
age
1018
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17051
x-xss-protection
1; mode=block
x-trace-id
0dfd2370-2dfe-11ed-b2ba-2dec812169b1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Jun 2022 14:34:40 GMT
date
Tue, 06 Sep 2022 16:07:49 GMT
vary
Accept-Encoding
content-language
en-US
via
1.1 google
cache-control
public, max-age=1800, s-max-age=604800
etag
W/"429b-18143bd2c00"
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=34716452&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ul=en-us&de=UTF-8&dt=Richest%20Utah%20native%20vows%20to%20give%20away%2090%25%20of%20his%20billions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEABAAAAAC~&jid=823260640&gjid=1819060774&cid=2124059250.1662481485&tid=UA-26935592-1&_gid=1857288959.1662481485&_r=1&_slc=1&cd2=Peggy%20Fletcher%20Stack&cd3=News&cd4=2021-11-16T15%3A00%3A00Z&cd5=RWVDIZUM65EOZBQQROIXZVTZJ4&cd6=Richest%20Utah%20native%20vows%20to%20give%20away%2090%25%20of%20his%20billions&cd8=&cd9=&cd7=anon&z=652230602
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
m-outer-e52e635988f6f4658a329b4b948f1007.html
js.stripe.com/v3/ Frame 6477 		186 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5903ac62a504525a0c57b90ed548c2415f542e242d4c64edd369db6cf82aab6f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buy.tinypass.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1554
cache-control
max-age=31536000
content-length
186
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 06 Sep 2022 15:59:09 GMT
etag
"e52e635988f6f4658a329b4b948f1007"
last-modified
Fri, 02 Sep 2022 18:36:32 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-id
T1zJs0ZNUMRbhmfw4pLdsZEuXjJtdCBZqxabuTZjvXmfm7HrnE-LwA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-26935592-1&cid=2124059250.1662481485&jid=823260640&gjid=1819060774&_gid=1857288959.1662481485&_u=aGBAAEAAAAAAAC~&z=2106895169
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 06 Sep 2022 16:24:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame 6477 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
28
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 6477 		0
572 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
20
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-a0304d3ea31e8647892809f01854788c.js
js.stripe.com/v3/fingerprinted/js/ Frame 6477 		526 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-a0304d3ea31e8647892809f01854788c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3
x-cache
Hit from cloudfront
date
Tue, 06 Sep 2022 16:24:47 GMT
content-length
526
last-modified
Fri, 02 Sep 2022 18:36:32 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
A8rU2VKKA1n3lzbHiyZ4rfL1njpe_MJecp6ZmVwUcudLt-tqenFmDg==
trackShow
buy.tinypass.com/checkout/offer/ Frame 0C00 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/offer/trackShow
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
723d8ab168028df966846ab9eb8bccf8914eae29f6fee3a13550f01cab3ddea0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Ng-Request
1
Referer
https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OTB63GH3ELLS&offerId=OFB02CG2O32L&formNameByTermId=%7B%7D&showCloseButton=false&checkoutFlowId=CFARI84CUENW&experienceId=EXV9KYU35KZO&widget=offer&iframeId=offer-0-Y9Yd3&url=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&gaClientId=2124059250.1662481485&aid=vxCIN3E3cT&zone=Web&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=fb5b9eb4fa
X-Requested-With
XMLHttpRequest
Piano-request-without-spinner
1

Response headers

date
Tue, 06 Sep 2022 16:24:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
x-request-id
MbxqshrqDhl
pragma
no-cache
wn
prod-dash-10-0-114-196
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
*
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buy.tinypass.com
cache-control
no-cache, no-store, must-revalidate
server-time
0.002
cf-ray
74688e8f7f026973-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26935592-1&cid=2124059250.1662481485&jid=823260640&_u=aGBAAEAAAAAAAC~&z=188983934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26935592-1&cid=2124059250.1662481485&jid=823260640&_u=aGBAAEAAAAAAAC~&z=188983934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
performanceMetrics
buy.tinypass.com/api/v3/anon/assets/ 		166 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/performanceMetrics?tbc=%7Bkpex%7DLNt2eXi4EWk0HoY6_o2ZU_lxhbrzWcPnxW_b7ZCqNfS5pf0_vV9rLVpkglB9hydZ&aid=vxCIN3E3cT&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp4944
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f8c97ddbc212676966a87dddf312c90267a1d8c8ac1ca0165ecb78cdb3846b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74688e8fffca6973-FRA
date
Tue, 06 Sep 2022 16:24:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-114-79
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
p3p
CP="NON DSP COR OUR IND"
server-time
0.001
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MbxqshrElLQ
inner.html
m.stripe.network/ Frame 9F56 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a0304d3ea31e8647892809f01854788c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-96.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
287
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 06 Sep 2022 16:20:01 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id
EE0PrBq-IsN1gLSsjDpsEitWk98RA1VKT3AEgX514Hxd-Qs1DoAjig==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 9F56 		0
345 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
28
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame 9F56 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-96.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
age
45
date
Tue, 06 Sep 2022 16:24:30 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
tX8-9bV1Q3qnnlL447XjpgcptDvzxhsjFexMejxDudMRdl9Xq_xCvw==
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
6
m.stripe.com/ Frame 9F56 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.202.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-202-99.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6b1cd613d758005511cceb6bb0c86a1a2a1a5d31c62ea1145034576ec73ee63c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Sep 2022 16:24:48 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sltrib.com&p=%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&u=CsUJLXDt9rOpDk5yB7&d=sltrib.com&g=65212&g0=News&g1=Peggy%20Fletcher%20Stack&n=1&f=00001&c=0.03&x=0&m=0&y=4229&o=1600&w=1200&j=30&R=1&W=0&I=0&E=2&e=2&r=&b=1583&t=Dmed0SCPJL3oYnO6Nr5jfFClp_39&V=136&tz=0&_hottopic=&_acct=anon&sn=2&sv=D6QYnBoaZFHDIseDgvxQjyB9OjB8&sd=1&im=067b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.134.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-134-239.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
connatix.playspace.css
cds.connatix.com/p/180443/ 		105 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/180443/connatix.playspace.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8ca23a252b58a07eb67e2c94362cb39a129547558996ec167bebd8c35cef945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
br
last-modified
Tue, 06 Sep 2022 13:02:19 GMT
age
11909
etag
"755981655cf2a849c34bcecac6972bfa"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
14399
story
capi.connatix.com/core/ Frame 62D6 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=180443
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd79a84503120f51a5f08ba95cf9e579cdb71a455cd67f73663d72635089062e

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2512
insights.bin
ins.connatix.com/adfcb118-22e4-41c0-b3fd-1379ecf3f301/b7016d29-e1fd-4d4c-a71d-64a2c53eb522/ Frame 62D6 		432 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/adfcb118-22e4-41c0-b3fd-1379ecf3f301/b7016d29-e1fd-4d4c-a71d-64a2c53eb522/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1370a291c2b1bb2291179491127d2eba73de6672253ce9c380339627f1338e31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 22:01:55 GMT
age
65084
etag
"ffefd64863001f60d402af310e3ca78f"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
263
insights.bin
ins.connatix.com/0f8784e3954b16cee6ef2b4150474051/ Frame 62D6 		252 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/0f8784e3954b16cee6ef2b4150474051/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f19ec18175b0631e9c5d0f2adf42f0fd7742019915f8e06b379ceb1500f13a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
gzip
last-modified
Sat, 12 Feb 2022 04:59:36 GMT
age
384890
etag
"cbd95329a638a293b4999bbc42855699"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
174
sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame 62D6 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=180443
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.86.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-86-205.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 06 Sep 2022 16:24:48 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 62D6 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Tue, 06 Sep 2022 16:24:49 GMT
b7016d29-e1fd-4d4c-a71d-64a2c53eb522.bin
vid.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ Frame 62D6 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/b7016d29-e1fd-4d4c-a71d-64a2c53eb522.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58432aa30a21684737e61687c4725f31f92235af0b9ce2a325537f6688740572

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 22:00:54 GMT
age
65083
etag
"2e012149b1bfddd38895a7fa612d1aaa"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
945
ao
capi-tier-1-us-east-2.connatix.com/tr/ Frame 62D6 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=180443
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.86.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-86-205.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 06 Sep 2022 16:24:48 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 62D6 		104 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=180443
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.86.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-86-205.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
7657656f4be7130c220c55e040b3c3dd3f00a26993585a6d15be67f9419b443e

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
109
ad
ssp.lkqd.net/ Frame 62D6 		168 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=574&height=323&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgGpABICIEAABBICBEAIAEAAAAQBQAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAgAAAAAIAAAgAAAABA1IAAARAgAAIAAQIAAAAgAAACAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAEAAAAAIAAA.YAAAAAAAAAAA&ip=81.95.5.35&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36&pageurl=www.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=4e17dcea-4a24-425d-8d05-6d871e21d895&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.132 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 06 Sep 2022 16:24:49 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
ps
capi-tier-1-us-east-2.connatix.com/tr/ Frame 62D6 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=180443
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.86.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-86-205.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
3f619b8b-9556-4afd-a3e6-e6182c975ffa.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/3f619b8b-9556-4afd-a3e6-e6182c975ffa.jpg?crop=574:395,smart&width=574&height=395&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b69d317fb7dc36c2659ffc9eb5c343d4847c7e1a03d09e19f2cd6c95d11327c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
br
age
66189
etag
"TGo98FKFFJu/S0tiU8Jqt6nas7vgz+A6e7ru8JPws50"
access-control-max-age
86400
fastly-io-info
ifsz=73328 idim=1200x630 ifmt=jpeg ofsz=21896 odim=574x395 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
21530
3f619b8b-9556-4afd-a3e6-e6182c975ffa.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/3f619b8b-9556-4afd-a3e6-e6182c975ffa.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41dbafe09938007aeb3d1b1ea9b97a6f01d7837bed8767d841acca25e1ab7f04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
br
age
66189
etag
"eLXnRmplJVytLS4/jBKxk5u9xFS5YcXTBH4WJuEIFag"
access-control-max-age
86400
fastly-io-info
ifsz=73328 idim=1200x630 ifmt=jpeg ofsz=18226 odim=574x323 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
17868
0b32b6d8-3743-4b76-95ba-6b296575389f.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/0b32b6d8-3743-4b76-95ba-6b296575389f.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b23f49cc6a67e1a8ce95c55310d14e264f221c83466b27b8509d0e7c90d206bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
br
age
66189
etag
"LSwiLvfMDMGaDrEFSG7aE7wWXzZ/WdyMNMAiJZLIkUg"
access-control-max-age
86400
fastly-io-info
ifsz=87653 idim=1200x630 ifmt=jpeg ofsz=22355 odim=574x323 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
21997
4bec8343-b546-4a19-a779-286a0ee4b1ff.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/4bec8343-b546-4a19-a779-286a0ee4b1ff.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c74892ebb4bb36978254e78ba2a6b122f17ac08953ac39bf346ef7233f0eb8ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
br
age
66189
etag
"F/VsOtKPbD+8qfPeQt5g0z7lqCnBsnbJcKE7v2GDPSo"
access-control-max-age
86400
fastly-io-info
ifsz=109819 idim=1200x630 ifmt=jpeg ofsz=21519 odim=574x323 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
21160
e556df3d-5ba0-4275-9e55-a0eda4b0c260.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/e556df3d-5ba0-4275-9e55-a0eda4b0c260.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
691b3a9d3aa28b80873fed5caee74e0254ed1ae59d4ff5daca3810aa95e5ff50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
br
age
66189
etag
"0mprHUPslzPQGb/wGIsnIrW20yP50ziUCk/IblgkuA0"
access-control-max-age
86400
fastly-io-info
ifsz=103270 idim=1200x630 ifmt=jpeg ofsz=23887 odim=574x323 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
23446
9252ac4a-19cc-4f10-87cd-5deb06c9f919.jpg
img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-7c8f48c7-072c-48f0-a3e0-75590839c044/adfcb118-22e4-41c0-b3fd-1379ecf3f301/9252ac4a-19cc-4f10-87cd-5deb06c9f919.jpg?crop=574:323,smart&width=574&height=323&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2e032510d34644db24580cc5f01eb3e2ac6437d8bec32d02981d3f9a163b8c6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
br
age
66189
etag
"T843zVZ4tLq54369QQRJdqi5+leum7M/nnI0uDguu6g"
access-control-max-age
86400
fastly-io-info
ifsz=116739 idim=1200x630 ifmt=jpeg ofsz=27599 odim=574x323 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
27220
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 2A91 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
175930
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 15:32:39 GMT
expires
Mon, 04 Sep 2023 15:32:39 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 62D6 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Sep 2022 16:24:49 GMT
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 5C3E 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
175930
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 15:32:39 GMT
expires
Mon, 04 Sep 2023 15:32:39 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.528.0_en.html
imasdk.googleapis.com/js/core/ Frame 86F4 		637 KB
206 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
175930
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210604
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 15:32:39 GMT
expires
Mon, 04 Sep 2023 15:32:39 GMT
last-modified
Mon, 29 Aug 2022 20:41:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		77 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=vxCIN3E3cT&tbc=%7Bkpex%7DLNt2eXi4EWk0HoY6_o2ZU_lxhbrzWcPnxW_b7ZCqNfS5pf0_vV9rLVpkglB9hydZ&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp4945
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BZCGRyQAUigbPI/36ba247a-87c2-4866-a5c2-8217ed6fe572/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91cd4faec9220eb23a23b77061b553461cd4824f384c54334cbe342f0c908e5d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74688e9e3ea56973-FRA
date
Tue, 06 Sep 2022 16:24:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-132-184
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
p3p
CP="NON DSP COR OUR IND"
server-time
0.009
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mdxqshr5OED
/
id.sltrib.com/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sltrib.com/?maxAge=2628000
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Sep 2022 16:24:49 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
https://www.sltrib.com
access-control-allow-credentials
true
strict-transport-security
max-age=86400; includeSubDomains
cf-ray
74688ea03ffd9125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
ad
ssp.lkqd.net/ Frame 62D6 		168 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=574&height=323&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgGpABICIEAABBICBEAIAEAAAAQBQAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAgAAAAAIAAAgAAAABA1IAAARAgAAIAAQIAAAAgAAACAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAEAAAAAIAAA.YAAAAAAAAAAA&ip=81.95.5.35&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36&pageurl=www.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=deaf56b1-94a3-4450-aebc-5524d6366aa7&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.132 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 06 Sep 2022 16:24:49 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=34716452&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&ul=en-us&de=UTF-8&dt=Richest%20Utah%20native%20vows%20to%20give%20away%2090%25%20of%20his%20billions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showOffer&ea=%20offerId_OFB02CG2O32L____templateId_OTB63GH3ELLS____aid_vxCIN3E3cT&el=Show%20offer%20offerId%3AOFB02CG2O32L%20templateId%3AOTB63GH3ELLS%20aid%3AvxCIN3E3cT&_u=aODAAEABAAAAAC~&jid=493102635&gjid=671505020&cid=2124059250.1662481485&tid=UA-26935592-1&_gid=1857288959.1662481485&_r=1&z=1631945747
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 0C00 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sltrib.com
URL: https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4969
date
Tue, 06 Sep 2022 15:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 06 Sep 2022 17:02:00 GMT
0789cdf9-e476-42a3-b328-26f81face54c
https://www.sltrib.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sltrib.com/0789cdf9-e476-42a3-b328-26f81face54c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-26935592-1&cid=2124059250.1662481485&jid=493102635&gjid=671505020&_gid=1857288959.1662481485&_u=aODAAEABAAAAAC~&z=1759791034
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/8d82a4d3-a206-4e49-9c15-68d5c36aa42e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 06 Sep 2022 16:24:49 GMT
content-type
text/plain
access-control-allow-origin
https://www.sltrib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26935592-1&cid=2124059250.1662481485&jid=493102635&_u=aODAAEABAAAAAC~&z=1428226603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26935592-1&cid=2124059250.1662481485&jid=493102635&_u=aODAAEABAAAAAC~&z=1428226603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sltrib.com/news/2021/11/16/richest-utah-native-vows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 16:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
ssp.lkqd.net/ Frame 62D6 		168 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=574&height=323&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgGpABICIEAABBICBEAIAEAAAAQBQAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAgAAAAAIAAAgAAAABA1IAAARAgAAIAAQIAAAAgAAACAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAEAAAAAIAAA.YAAAAAAAAAAA&ip=81.95.5.35&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36&pageurl=www.sltrib.com%2Fnews%2F2021%2F11%2F16%2Frichest-utah-native-vows%2F&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=0fcc6986-2eef-42ec-8b7d-0d45b4ce2b09&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.132 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.sltrib.com
date
Tue, 06 Sep 2022 16:24:49 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
vast
tag.placelocal.com/ad/ Frame 62D6 		0
0
vast
tag.placelocal.com/ad/ Frame 62D6 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tag.placelocal.com
URL
https://tag.placelocal.com/ad/vast?vastversion=3.0&campaignid=81bd35a5-6e6c-447c-a7d0-18fbd8fd1fc8&party=3PAS&dsp=Connatix&pltracker=9502&cachebuster=6fdf142d-d078-43be-bd3a-b42a30e07e3f&auctionid=6fdf142d-d078-43be-bd3a-b42a30e07e3f&_sync=1&click=
Domain
tag.placelocal.com
URL
https://tag.placelocal.com/ad/vast?vastversion=3.0&campaignid=81bd35a5-6e6c-447c-a7d0-18fbd8fd1fc8&party=3PAS&dsp=Connatix&pltracker=9502&cachebuster=6fdf142d-d078-43be-bd3a-b42a30e07e3f&auctionid=6fdf142d-d078-43be-bd3a-b42a30e07e3f&_sync=1&click=

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Coral function| setImmediate function| clearImmediate object| BOOMR_mq string| BOOMR_API_key object| BOOMR function| ttd_dom_ready function| TTDUniversalPixelApi function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| Fusion string| googleAnalytics string| gaTitle object| globalContent object| XML_CHAR_MAP function| escapeXml string| siteName object| authors string| articletags string| GoogleAnalyticsObject function| ga object| dataLayer object| homepage object| isAdmin string| section object| _sf_async_config string| cbSectionsVal string| authorName string| headlines undefined| hotTopic number| _sf_startpt object| _cbq number| _sf_endpt object| freestar number| BOOMR_configt object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater function| Osano undefined| __CSP_NONCE function| __uspapi function| __tcfapi function| x00_0xf970 function| x00_0x1ab3 function| x00_0x21a4 function| x00_0x5e97 object| _Scanner object| _cb_shared object| googletag object| ggeac object| google_js_reporting_queue object| pSUPERFLY_mab object| pSUPERFLY undefined| appId function| twq object| queryly object| searchPage object| google_tag_manager object| litHtmlVersions object| CoralCount object| react object| React object| ReactDOM object| PropTypes object| StyledComponents object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ object| FontAwesomeConfig object| ___FONT_AWESOME___ boolean| freestarReactCompontentLoaded string| ssaUrl function| fbq function| _fbq object| idOne object| idTwo object| _cbm function| cnxps string| env string| pianoPush string| meteredParam boolean| isMetered string| cloudFlare object| sltribDeployment object| tp object| tags string| firstPublishedDate boolean| isSponsored object| sites object| cX function| $ function| jQuery function| BlockAdBlock object| blockAdBlock function| onYouTubeIframeAPIReady object| fsdata object| fsCmpInitMessage object| _comscore function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp number| BOOMR_onload object| PianoESPConfig object| cnx_usr_storage object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins number| google_global_correlator object| closure_lm_964571 function| cnxAddEventListener

20 Cookies

Domain/Path Name / Value
www.sltrib.com/ Name: arc-country
Value: DE
.sltrib.com/ Name: AKA_A2
Value: A
.sltrib.com/ Name: RT
Value: "z=1&dm=sltrib.com&si=b9wju4dunog&ss=l7qejvua&sl=0&tt=0"
.sltrib.com/ Name: _ga
Value: GA1.2.2124059250.1662481485
.sltrib.com/ Name: _gid
Value: GA1.2.1857288959.1662481485
www.sltrib.com/ Name: fs.bot.check
Value: true
.doubleclick.net/ Name: IDE
Value: AHWqTUnQY-HVLahA8GdjWysAqprKiR1vfep97G0PZyaJo9xMi3Lb0MUXZ9W2xksl1i0
www.sltrib.com/ Name: __adblocker
Value: false
.piano.io/ Name: __cf_bm
Value: Zj8d8y0H9zk1Qvfktv6AFz7oyLOgqyv.ts9DMVi2VbA-1662481486-0-AQApu8pc23HMx45vcYPxT/KW3NhmUZ/tQwOuG53pZRMG7Wprhec0Kn+KJxE5A/BhR1BKT8qqHxE0aPUgv26aFFU=
.sltrib.com/ Name: __tbc
Value: %7Bkpex%7DLNt2eXi4EWk0HoY6_o2ZU_lxhbrzWcPnxW_b7ZCqNfS5pf0_vV9rLVpkglB9hydZ
.sltrib.com/ Name: cX_P
Value: l7qejwskuciqgzr0
www.sltrib.com/ Name: __pat
Value: -21600000
.sltrib.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-l7qejwsss8t2aqo1%22%2C%22domain%22%3A%22.sltrib.com%22%2C%22time%22%3A1662481486754%7D
.sltrib.com/ Name: xbc
Value: %7Bkpex%7Dl5Mra6BamAm_bS_F0QSnYrDnEX9c4g_JIxzCJoXMwYwW2Ah-dj_A74bTD6T21w-ymOAXyqWefMfzMMcjlxjXUMW15MdSjO-DvVQYulW1Ucs-gGtUBjTzVWhE2BsY7if7e4iIZ4gGc53A1KBjRlW29PBuM6ftZpx1_XmPV1UMr0maDnHPmgtUcH57WwtK_jegKrcJGNp2SADkzFxOyUWO-EYdmQp8aHOiVeWs8UE2cbVe0NpVlLaXwQx56Tbhr_Lvq6Aw9MxCalx78O_6KdYV0VOiRUBLGPU1rZE4F-tiQOw
.tinypass.com/ Name: ch_sid
Value: 0SVQ7UjstusbEzu
.tinypass.com/ Name: LANG
Value: en_US
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.sltrib.com/ Name: __pil
Value: en_US
m.stripe.com/ Name: m
Value: 968ce9cf-610b-41c1-9c4f-5eb429f83da33a869c
.sltrib.com/ Name: _gat_pianoTracker
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: https://www.sltrib.com/pf/api/v3/content/fetch/coral-comments?query=undefined&d=306&_website=sltrib
Message:
Failed to load resource: the server responded with a status of 500 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://tag.placelocal.com/ad/vast?vastversion=3.0&campaignid=81bd35a5-6e6c-447c-a7d0-18fbd8fd1fc8&party=3PAS&dsp=Connatix&pltracker=9502&cachebuster=6fdf142d-d078-43be-bd3a-b42a30e07e3f&auctionid=6fdf142d-d078-43be-bd3a-b42a30e07e3f&_sync=1&click=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tag.placelocal.com/ad/vast?vastversion=3.0&campaignid=81bd35a5-6e6c-447c-a7d0-18fbd8fd1fc8&party=3PAS&dsp=Connatix&pltracker=9502&cachebuster=6fdf142d-d078-43be-bd3a-b42a30e07e3f&auctionid=6fdf142d-d078-43be-bd3a-b42a30e07e3f&_sync=1&click=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8208269.fls.doubleclick.net
8234312.fls.doubleclick.net
a.pub.network
adservice.google.com
adservice.google.de
ajax.googleapis.com
analyticssystems.net
buy.tinypass.com
c.go-mpulse.net
c2.piano.io
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.tinypass.com
cdnjs.cloudflare.com
cds.connatix.com
clickserv.basis.net
clickserv.sitescout.com
cmp.osano.com
d.pub.network
d3plfjw9uod7ab.cloudfront.net
experience.tinypass.com
id.sltrib.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
js.adsrvr.org
js.stripe.com
link.3blmedia.com
local.sltrib.com
log.outbrainimg.com
m.stripe.com
m.stripe.network
mab.chartbeat.com
ping.chartbeat.net
pixel-a.basis.net
pixel.sitescout.com
q.stripe.com
s.go-mpulse.net
s0.2mdn.net
securepubads.g.doubleclick.net
sltrib.coral.coralproject.net
ssp.lkqd.net
static.chartbeat.com
stats.g.doubleclick.net
tag.placelocal.com
tcheck.outbrainimg.com
vid.connatix.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.npttech.com
www.queryly.com
www.sltrib.com
tag.placelocal.com
142.250.185.66
146.20.128.132
151.101.2.137
151.101.66.137
167.89.118.52
172.217.16.198
207.198.113.205
23.35.229.181
23.35.237.86
2600:9000:2057:3600:18:1fcd:351:7bc1
2600:9000:206f:a800:3:b7e:8940:93a1
2600:9000:214f:4000:13:a391:88c0:21
2606:4700:20::681a:8b
2606:4700:20::ac43:497c
2606:4700:3030::6815:5476
2606:4700:3032::ac43:cb69
2606:4700::6810:2a41
2606:4700::6811:190e
2606:4700::6811:b7b1
2606:4700::6811:bab1
2a00:1450:4001:800::2006
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9c
2a02:26f0:3500:12::1730:17a6
2a02:26f0:3500:586::11a6
2a02:26f0:3500:991::11a6
2a04:4e42:600::714
3.135.86.205
34.196.134.239
35.201.71.192
35.244.156.29
35.81.202.99
54.186.23.98
64.202.112.31
65.9.65.116
66.155.71.149
66.155.71.179
69.16.220.201
99.86.4.76
99.86.4.96
01d6fdcdfb196cb3a9e6d29c26f16be5449973ea5801c8a19812e62edc8b1375
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080
09c4ec5323f99cb59c0eecb9c263881c9b883eead9caa349f5dc448de639b19a
0f1928c0a2274141ca7ba973c6098bb259a335c6ecc1969fed7ce92fea6a744d
1349f8a177348d0812701b1d014b76c7dba107cb9793792379e70cfeb35ed80d
1370a291c2b1bb2291179491127d2eba73de6672253ce9c380339627f1338e31
1a5414e59027131d5ac994ba4fe4386b491145f34e86c9ffe90fb7ea968bcf0d
1f41c74991f832df75862a53468fd4125847bfa3ed7fd898c70955f56a109593
220832d32395cd530c8ae99da60e01530d9c50085df4beb88ee89baafe565a4f
22be49ce866a34ae0c3242ea58bd3cedb4084867009cf100e8149d4d0d2eed4a
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
2e032510d34644db24580cc5f01eb3e2ac6437d8bec32d02981d3f9a163b8c6b
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
305705fc54f335a4cce39cb68ab059e7202c19f0ff03d3336ebd3e6fcdcf0518
325eb0ed9c4b2173718116d97c78e067f83311ed07570de76d154881bee92947
37e4ecedf0ab53a8f928507a9ae337f5871230f4525ce7e8070af4b21c17412d
387aa7a6738013f6870e894b7fe403851bc07a70bce38ae776ee2de49cad8c5c
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b4afadbde544c4bcff673c56233c2aebf3acbe475a895594a0c5c58f2a444a8
3d9215d1b15a3a07cf0bd95f0e8e7eb715671ab34071fb9dc9cbe9c4b0b0c134
3db1711b708e98ad42b7764a019342259e8c5c8fd4d4602fadd8e28b69f0200a
403f82f5023b7899ecc6ea3059c0b29c10d6719e7f8464e0625c8f5d02c9b69c
41dbafe09938007aeb3d1b1ea9b97a6f01d7837bed8767d841acca25e1ab7f04
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
462f8a9becd0c3fe2ff5f35f32d9ec980cab1ae3a715b9f7ba03e544134d815c
46f8c97ddbc212676966a87dddf312c90267a1d8c8ac1ca0165ecb78cdb3846b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b6c3d07d92d112790d9841c3530d6c59ed74684ed7242c3ce5b9418ecf2cc2b
4f19ec18175b0631e9c5d0f2adf42f0fd7742019915f8e06b379ceb1500f13a6
4f30edfff18f6ab829328a8320017953bcdeece5bc1c9420ce63ec13313ee49d
50218b350ecd9694900e829cfc6c60e47693ef3cb35a07774414ef83a911f1b4
50f0a3cbc5da185ccf818b599a8a6b0571c520465ad0a830f4d7b3833770241b
52eafba1583472b19d8a21174e9927f283f21d7525838e9c20a3730f88051812
58432aa30a21684737e61687c4725f31f92235af0b9ce2a325537f6688740572
5903ac62a504525a0c57b90ed548c2415f542e242d4c64edd369db6cf82aab6f
5c1a97171b0ac89a0ba20428ba069f1db2fcdb96280b99f991fcffe743eca72e
5c37ae406fb7482d4272fdad17a3dc6ccfa9b0dfc3bf06ee6636855ed0eb382b
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
650876073a3cf72c3ea5de10fa9f864b6871fabe634f1bc8c9fc9ca9f8db24ec
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c0ef605758b2a28ae572680986554e0097e2f10a749db8316b3cb1574806c
68326de2e78eee8040cc7dc6181ca15a8e16ca1951aab55899caeb9ac01952df
691b3a9d3aa28b80873fed5caee74e0254ed1ae59d4ff5daca3810aa95e5ff50
6a505a2b7124eb5116121cac2dfb5aaaf44fcdeb0596efadcea9a74cd9544400
6a7dd3acbecddc653446803e807cea2b6a85f3c6c1a6cc349b751f5e965647ad
6b1cd613d758005511cceb6bb0c86a1a2a1a5d31c62ea1145034576ec73ee63c
6cf2d695fd4e56e10f58b01bc4b38a3fda47ccbf619b7e4d9867d2568e1d491e
7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2
723d8ab168028df966846ab9eb8bccf8914eae29f6fee3a13550f01cab3ddea0
72d3bb48505405120796571830ae74c4f871f03a9052d080cde2190aa926b1ee
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7582354aac0b69ddb4805d6c6a5aa500bd1ea1419d1e9180ff7ec248aa75a538
7657656f4be7130c220c55e040b3c3dd3f00a26993585a6d15be67f9419b443e
7c207b3ed9feda70543fb75e8d0172f262a909522db37f7e3e22249a075a2760
7eb2af8a6315d058a1e7b87fadf2070e8fc0b2449b0a89da20c5b912de500acd
80829916dd7461f45b5709b63546ac24d8542434932a530ba5b6833857e91a76
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855bf45f4e9eb52b5d040f57f8860d7c6ccd7832900b58400c7d3c3ed2d8f320
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8f850627aa46412b56450f99c309fbfa8786f65a46b59746223cc135e2535b46
9041f63adc7ef5badf30edfdd51d94832df52c6a93c52ba91ea270c107847b82
91cd4faec9220eb23a23b77061b553461cd4824f384c54334cbe342f0c908e5d
93fc8b658124ff5537f0f4d764d1ab052431db7356744319851ec3b69d5c5511
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
991986e0805c65510fb34a80b27fd9322295700b94bc29ef1c4634a65d5e092e
99864675faf8dea302b09f4905d80f32a6ca510c9b1118d2692e0df0241c637d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6b9ca255d1b81f64849a3e0412ee94a858f10baafb862bfd715541afdb012df
a9450e83ec09f4210f388881c236376e6808d1fb46065133d390f7039629f048
aa21d0ddbc7cb318d1367bab72630267ec09559a269a23672cebf582d36386ca
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b23f49cc6a67e1a8ce95c55310d14e264f221c83466b27b8509d0e7c90d206bf
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b3074e2cf0b12bcf10b46ed42bbe45b43ddfb868a7434b8e7b45ec387924c09a
b3f88ad1f01a66d7cb30dc2f5754b2f0eecaf5dace58c8537c4d990c1c44daf4
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b4ea7becb73ec15a833c3b07af42d783b6d659be85365d1b7b2a3698d412d3e2
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6322113217b4fac79ad5b27613c9c66d466e67fad90363e743c87df4843acd7
b69d317fb7dc36c2659ffc9eb5c343d4847c7e1a03d09e19f2cd6c95d11327c8
b6f752800c0ade3a40f24bf1abfbda4144daf62e3310cbe1bb99fbcc28106150
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba7b216d6e5a6306668821f071831022c7205627e881f2214659b36b7bdced6a
ba7bbecfafbdaa5c42febcdcc8cff1181eb9a05af145c171fd397665f68a10f8
c1da96c3d42f7caf85fcf6e884d721b8417efd123ac21d75865ce6825d62b30c
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c338ffbcf46f2e232a2dfc231dd3d99c7b173cf513bbab256eae8d4a3e3ac067
c41306714d2e4215494e69b0c308709cf70e7e4eb5bb5dfa02cee392bb8a44db
c74892ebb4bb36978254e78ba2a6b122f17ac08953ac39bf346ef7233f0eb8ee
c875aa15f9b7c057d93a44931cc4518fa89641cda38843c434f102c6f9afe40d
cf3929157d670f667a9bb26cde627336484607dfc6d14205d3ebaf20327eb96c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d6b10e6c3a812d3cb7081fa6014bc5aa6f8fbee831adbddc5df3bb5da8e1ac05
d7ab0f1e31217960c7bcf0bdb822374271344c75aab4da7825505571e7e9035e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
e8ca23a252b58a07eb67e2c94362cb39a129547558996ec167bebd8c35cef945
e9ad5095294ab16f4e0f967319567e84e699412d08bdde3986ea4dd21a9825b6
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
ea9d44babfa4a2cd0031f081fd9381751bee0f7d044ae9254d2b1ce71fa32605
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
f8a691e6f523905cca35f8488a78ceadbaa81c057adf1b5a4817871ad27bf787
f98b036fe5c18078c10069bddcfa1436e7726ac0adc3cb05699b2a07d7112ba6
faa89869b696a28906e1a4cbc76401428cc2975267b5ab83c605f683a8472406
fd79a84503120f51a5f08ba95cf9e579cdb71a455cd67f73663d72635089062e